Check an IP Address, Domain Name, Subnet, or ASN

66.132.195.47 was found in our database!

$ whois 66.132.195.47

country·🇺🇸 United States

network·Standard

$ sikker risk 66.132.195.47scoring →

confidence

85%Very High

first_seen·Mar 22, 2026

last_seen·1h ago

sessions·58

events·58

$ sikker protocols 66.132.195.47

HTTPS

22 / 22

HTTP

19 / 19

POSTGRES

7 / 7

RDP

6 / 6

DOCKER

2 / 2

SMB

1 / 1

MSSQL

1 / 1

$ sikker summary 66.132.195.47

66.132.195.47 has a threat confidence score of 85%. This IP address from United States has been observed in 58 honeypot sessions targeting HTTPS, HTTP, POSTGRES, RDP, DOCKER and 2 other protocols. First observed on March 22, 2026, most recently active March 25, 2026.

$ sikker behaviors 66.132.195.47catalog →

mediumRdp Legacy Plaintext Authentication Attempt1x

Identifies RDP clients attempting authentication using the legacy RDP security mode where credentials are exchanged through the older RDP security layer instead of Network Level Authentication (NLA). This indicates the client negotiated legacy plaintext authentication during the RDP security handshake

infoHttp Root Path Request6x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 66.132.195.47

http_method_get13 docker_get_method10 docker_bad_request_uri6 http_path_bad_request5 https_path_root2 https_path_bad_request1 rdp_legacy_plaintext_authenthication1

$ sikker related 66.132.195.47

🇺🇸·More threats fromUnited States→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→POST·More threats targetingPOSTGRES→RDP·More threats targetingRDP→DOCK·More threats targetingDOCKER→SMB·More threats targetingSMB→MSSQ·More threats targetingMSSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
192.210.186.10	96%	300
92.118.39.63	100%	56,271
92.118.39.62	100%	377,519
45.61.184.223	99%	10,298
216.247.208.231	100%	93