Check an IP Address, Domain Name, Subnet, or ASN

75.119.132.166 was found in our database!

$ whois 75.119.132.166

country·🇫🇷 France

city·Lauterbourg

isp·Contabo GmbH

asn·AS51167

network·Standard

$ sikker risk 75.119.132.166scoring →

confidence

94%Very High

first_seen·Mar 14, 2026

last_seen·1h ago

sessions·36

events·36

$ sikker protocols 75.119.132.166

DOCKER

9 / 9

HTTPS

8 / 8

SSH

7 / 7

HTTP

6 / 6

TELNET

6 / 6

$ sikker summary 75.119.132.166

75.119.132.166 has a threat confidence score of 94%. This IP address from France (AS51167, Contabo GmbH) has been observed in 36 honeypot sessions targeting DOCKER, HTTPS, SSH, HTTP, TELNET protocols. Detected attack patterns include http mass web rce exploitation scanning. First observed on March 14, 2026, most recently active March 25, 2026.

$ sikker behaviors 75.119.132.166catalog →

highHttp Mass Web Rce Exploitation Scanning6x

Coordinated automated exploitation attempts targeting public-facing web services, including PHPUnit eval-stdin access, PHP-CGI argument injection, Docker API exposure, directory traversal, ThinkPHP invokeFunction abuse, and command execution patterns (wget/curl pipe to shell). Identifies opportunistic bot-driven RCE scanning and framework-specific exploit chaining against internet-exposed applications.

$ sikker primitives 75.119.132.166

http_method_get252 http_php_echo_md5_hello_phpunit_marker222 docker_post_method27 docker_container_exec_path18 https_query_thinkphp_invokefunction_md5_probe16 https_body_wget_curl_pipe_to_sh_apache_selfrep16 https_php_ini_directive_injection_allow_url_include_auto_prepend_file16 http_body_wget_curl_pipe_to_sh_selfrep12 telnet_echo_hex_escape_sequence_output12 http_thinkphp_invokefunction_call_user_func_array_md512 http_php_cgi_allow_url_include_auto_prepend_input_injection12 docker_get_method9 docker_exec_start_endpoint9 docker_list_containers_endpoint9 https_path_root8 https_phpunit_eval_stdin_rce_probe8 https_cgi_bin_percent_encoded_directory_traversal_bin_sh8 telnet_command_sh6 telnet_command_shell6 telnet_command_enable6

$ sikker related 75.119.132.166

🇫🇷·More threats fromFrance→AS·More threats fromContabo GmbH→DOCK·More threats targetingDOCKER→HTTP·More threats targetingHTTPS→SSH·More threats targetingSSH→HTTP·More threats targetingHTTP→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
158.220.86.73	95%	1,013
84.247.165.192	94%	157
109.205.180.231	95%	330
194.163.159.77	95%	738
38.242.146.40	98%	80

IP Address	Confidence	Events
54.38.41.116	87%	33,591
51.83.143.139	90%	78,438
51.77.145.89	100%	235
51.75.194.10	100%	1,014
161.97.132.79	98%	64,947