66.132.186.175
IP Intelligence Briefing: 66.132.186.175
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Censys, Inc. (ASN 398324)
- Geolocation: Miami, FL, US (latitude 25.7617, longitude -80.1918)
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services)
- Threat Indicators:
- Listed in 8 threat feeds (2 high-severity, 3 medium, 3 low).
- No direct malicious indicators (no spam, Tor, or known attacker flags).
- DNS PTR record: `175.186.132.66.censys-scanner.com` (linked to Censys scanning infrastructure).
---
**2. Observation History**
- Recent Activity (2026-06-18):
- Flagged in 8 threat feeds (e.g., AbuseIPDB, Cisco Talos).
- Subnet abuse density: 0.5833 (high risk for the /24 network).
- Long-Term Trends:
- First observed in June 2026.
- No persistent malicious behavior detected.
---
**3. Network Relationships**
- Connected Entities:
- Hostname: `175.186.132.66.censys-scanner.com` (Censys scanning infrastructure).
- Subnet: `66.132.186.0/24` (classified as "high_abuse" with 28 malicious siblings).
- Shared ASN: ASN 398324 (Censys, Inc.).
---
**4. Neighborhood Analysis**
- Subnet: `66.132.186.0/24` (48 total IPs, 29 active).
- Risk Distribution:
- 47 IPs in subnet have medium risk (score 50).
- 0 high-risk IPs (abuse density: 0.5833).
- Notable Neighbors:
- `66.132.186.159`, `66.132.186.160`, and others share similar risk profiles.
---
**5. Actionable Insights**
- SOC Recommendations:
- Monitor the `66.132.186.0/24` subnet for suspicious activity due to high abuse density.
- Investigate Censys scanning infrastructure (`175.186.132.66.censys-scanner.com`) to confirm legitimacy.
- Block or restrict traffic from this subnet if unauthorized scanning is detected.
- Context:
- Censys is a legitimate cybersecurity company, but its scanning activities may raise alerts. Verify if this IP is part of authorized network discovery.
---
Conclusion: This IP is part of a high-abuse subnet linked to Censys, Inc. While no direct malicious activity is confirmed, its association with multiple threat feeds warrants closer scrutiny. Monitor the subnet and validate scanning activities to mitigate potential risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Censys, Inc. |
| ASN | AS398324 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 175.186.132.66.censys-scanner.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 175.186.132.66.censys-scanner.com |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:32 UTC |
| Last Seen | 2026-06-25 14:02:47 UTC |
| Profile Built | 2026-06-23 20:24:12 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 25 |
Full dossier details are available via our API.