Check an IP Address, Domain Name, Subnet, or ASN

66.132.195.101 was found in our database!

$ whois 66.132.195.101

country·🇺🇸 United States

network·Standard

$ sikker risk 66.132.195.101scoring →

confidence

82%Very High

first_seen·Mar 23, 2026

last_seen·24m ago

sessions·50

events·50

$ sikker protocols 66.132.195.101

HTTP

16 / 16

HTTPS

13 / 13

SMTP

6 / 6

DOCKER

5 / 5

SSH

3 / 3

TELNET

3 / 3

SIP

2 / 2

SMB

1 / 1

MSSQL

1 / 1

$ sikker summary 66.132.195.101

66.132.195.101 has a threat confidence score of 82%. This IP address from United States has been observed in 50 honeypot sessions targeting HTTP, HTTPS, SMTP, DOCKER, SSH and 4 other protocols. First observed on March 23, 2026, most recently active March 25, 2026.

$ sikker behaviors 66.132.195.101catalog →

infoHttp Root Path Request8x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Bad Request Route Probe2x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoSmtp Censys Tls Capability Probe1x

SMTP interaction identified as an internet-wide scanning probe originating from Censys infrastructure. The client announces itself via EHLO www.censys.io and issues a STARTTLS request to verify TLS upgrade support and collect service capability metadata. This pattern reflects automated reconnaissance and exposure mapping rather than direct exploitation, but still represents active external probing of the SMTP service.

$ sikker primitives 66.132.195.101

docker_get_method27 docker_bad_request_uri16 http_method_get10 smtp_ehlo_greeting2 http_path_bad_request2 smtp_ehlo_censys_scanner_identifier2 https_path_root1 smtp_starttls_upgrade_request1 sip_call_id_alphanumeric_entropy1

$ sikker related 66.132.195.101

🇺🇸·More threats fromUnited States→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→SMTP·More threats targetingSMTP→DOCK·More threats targetingDOCKER→SSH·More threats targetingSSH→TELN·More threats targetingTELNET→SIP·More threats targetingSIP→SMB·More threats targetingSMB→MSSQ·More threats targetingMSSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
205.210.31.86	96%	317
92.118.39.62	100%	377,780
172.86.72.120	43%	2
205.210.31.79	91%	293
20.168.122.88	62%	138