Check an IP Address, Domain Name, Subnet, or ASN

66.228.53.4 was found in our database!

$ whois 66.228.53.4

country·🇺🇸 United States

city·Richardson

isp·Akamai Connected Cloud

asn·AS63949

network·Standard

$ sikker risk 66.228.53.4scoring →

confidence

84%Very High

first_seen·Jan 20, 2026

last_seen·55m ago

sessions·456

events·678

$ sikker protocols 66.228.53.4

SSH

76 / 92

REDIS

24 / 81

RTSP

32 / 71

HTTPS

46 / 69

IMAP

41 / 60

SIP

40 / 55

HTTP

39 / 53

SMB

40 / 40

TELNET

26 / 36

FTP

12 / 34

MSSQL

26 / 26

POSTGRES

20 / 20

MONGODB

10 / 12

ELASTICSEARCH

9 / 9

RDP

6 / 6

DOCKER

6 / 6

WINRM

2 / 5

TR069

1 / 3

$ sikker summary 66.228.53.4

66.228.53.4 has a threat confidence score of 84%. This IP address from United States (AS63949, Akamai Connected Cloud) has been observed in 456 honeypot sessions targeting SSH, REDIS, RTSP, HTTPS, IMAP and 13 other protocols. First observed on January 20, 2026, most recently active March 22, 2026.

$ sikker behaviors 66.228.53.4catalog →

lowFtp Control Channel Protocol Anomaly3x

FTP session where an empty control-channel command is observed in conjunction with non-printable binary data on the control channel. This pattern reflects malformed or non-FTP-compliant input, commonly seen during TLS handshake attempts on plaintext endpoints, protocol confusion, or automated scanner misfires.

infoHttp Root Path Request27x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request20x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 66.228.53.4

http_method_get27 https_path_root20 elastic_root_path_probe9 elastic_http_get_request9 ftp_control_channel_binary_payload7 docker_get_method6 empty_ftp_command6 redis_command_http_host_header_port_63794

$ sikker related 66.228.53.4

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.236.228.227	91%	1,769
172.236.228.218	89%	1,803
66.228.53.162	79%	649
172.235.40.131	96%	1,930
172.237.74.237	96%	2,335

IP Address	Confidence	Events
43.162.109.139	96%	3,015
68.68.101.178	93%	5,674
208.3.195.65	100%	98,774
38.54.50.81	97%	2,942
172.190.24.225	75%	19