Check an IP Address, Domain Name, Subnet, or ASN

66.132.172.40 was found in our database!

$ whois 66.132.172.40

country·🇺🇸 United States

isp·Censys, Inc.

asn·AS398324

network·Standard

$ sikker risk 66.132.172.40scoring →

confidence

76%High

first_seen·Mar 19, 2026

last_seen·1h ago

sessions·24

events·24

$ sikker protocols 66.132.172.40

HTTPS

9 / 9

HTTP

5 / 5

DOCKER

5 / 5

SMTP

2 / 2

MSSQL

1 / 1

REDIS

1 / 1

TELNET

1 / 1

$ sikker summary 66.132.172.40

66.132.172.40 has a threat confidence score of 76%. This IP address from United States (AS398324, Censys, Inc.) has been observed in 24 honeypot sessions targeting HTTPS, HTTP, DOCKER, SMTP, MSSQL and 2 other protocols. First observed on March 19, 2026, most recently active March 21, 2026.

$ sikker behaviors 66.132.172.40catalog →

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoSmtp Censys Tls Capability Probe2x

SMTP interaction identified as an internet-wide scanning probe originating from Censys infrastructure. The client announces itself via EHLO www.censys.io and issues a STARTTLS request to verify TLS upgrade support and collect service capability metadata. This pattern reflects automated reconnaissance and exposure mapping rather than direct exploitation, but still represents active external probing of the SMTP service.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 66.132.172.40

docker_get_method25 docker_bad_request_uri15 http_method_get3 smtp_ehlo_greeting2 smtp_starttls_upgrade_request2 smtp_ehlo_censys_scanner_identifier2 redis_ping1 https_path_root1 redis_info_uppercase1 https_path_bad_request1 redis_nonexistent_command1

$ sikker related 66.132.172.40

🇺🇸·More threats fromUnited States→AS·More threats fromCensys, Inc.→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→DOCK·More threats targetingDOCKER→SMTP·More threats targetingSMTP→MSSQ·More threats targetingMSSQL→REDI·More threats targetingREDIS→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
206.168.34.201	50%	2,106
206.168.34.223	50%	1,787
206.168.34.196	50%	1,898
167.94.138.124	49%	1,717
66.132.172.39	72%	24

IP Address	Confidence	Events
167.94.146.60	50%	3,023
198.143.191.202	98%	84,628
43.162.109.139	96%	2,378
20.102.112.104	82%	1,222
167.94.146.62	50%	3,057