Check an IP Address, Domain Name, Subnet, or ASN

66.228.53.136 was found in our database!

$ whois 66.228.53.136

country·🇺🇸 United States

city·Richardson

isp·Akamai Connected Cloud

asn·AS63949

network·Standard

$ sikker risk 66.228.53.136scoring →

confidence

85%Very High

first_seen·Jan 21, 2026

last_seen·39m ago

sessions·427

events·670

$ sikker protocols 66.228.53.136

SSH

77 / 97

FTP

18 / 81

REDIS

34 / 80

HTTPS

51 / 72

SIP

50 / 66

HTTP

41 / 66

RTSP

28 / 52

IMAP

20 / 36

SMB

26 / 26

TELNET

18 / 26

POSTGRES

22 / 22

DOCKER

10 / 12

MONGODB

12 / 12

MSSQL

10 / 10

ELASTICSEARCH

7 / 7

TR069

1 / 3

RDP

2 / 2

$ sikker summary 66.228.53.136

66.228.53.136 has a threat confidence score of 85%. This IP address from United States (AS63949, Akamai Connected Cloud) has been observed in 427 honeypot sessions targeting SSH, FTP, REDIS, HTTPS, SIP and 12 other protocols. First observed on January 21, 2026, most recently active March 21, 2026.

$ sikker behaviors 66.228.53.136catalog →

lowFtp Control Channel Protocol Anomaly4x

FTP session where an empty control-channel command is observed in conjunction with non-printable binary data on the control channel. This pattern reflects malformed or non-FTP-compliant input, commonly seen during TLS handshake attempts on plaintext endpoints, protocol confusion, or automated scanner misfires.

infoHttp Root Path Request23x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request22x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 66.228.53.136

http_method_get23 https_path_root22 docker_get_method10 ftp_control_channel_binary_payload9 elastic_root_path_probe7 elastic_http_get_request7 empty_ftp_command6 redis_command_http_host_header_port_63795

$ sikker related 66.228.53.136

Report IP WHOIS Lookup →

IP Address	Confidence	Events
192.81.129.190	45%	25
172.237.74.237	96%	1,599
45.33.12.214	73%	1,641
45.79.115.59	85%	1,274
45.33.109.8	74%	1,520

IP Address	Confidence	Events
206.168.34.63	49%	1,849
159.89.236.241	98%	368
159.65.221.230	77%	131
20.163.2.42	88%	185
184.105.247.254	100%	2,419