Check an IP Address, Domain Name, Subnet, or ASN

104.248.51.150 was found in our database!

$ whois 104.248.51.150

country·🇺🇸 United States

city·North Bergen

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 104.248.51.150scoring →

confidence

61%High

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·57

events·57

$ sikker protocols 104.248.51.150

REDIS

39 / 39

RDP

11 / 11

HTTPS

6 / 6

MONGODB

1 / 1

$ sikker summary 104.248.51.150

104.248.51.150 has a threat confidence score of 61%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 57 honeypot sessions targeting REDIS, RDP, HTTPS, MONGODB protocols. First observed on February 27, 2026, most recently active March 21, 2026.

$ sikker behaviors 104.248.51.150catalog →

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttps Direct Bad Request Endpoint Access1x

Identifies direct HTTPS requests to the /bad-request path, indicating manual or automated probing of error-handling routes rather than normal application flow.

$ sikker primitives 104.248.51.150

rdp_nla_ntlm_auth1 https_path_bad_request1

$ sikker related 104.248.51.150

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→REDI·More threats targetingREDIS→RDP·More threats targetingRDP→HTTP·More threats targetingHTTPS→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
206.81.13.84	99%	519
167.172.141.250	79%	87
188.166.241.2	90%	328
138.197.16.14	92%	1,248
165.22.218.119	79%	9,930

IP Address	Confidence	Events
157.254.223.77	95%	613
45.205.1.20	80%	397
206.81.13.84	99%	519
167.172.141.250	79%	87
96.0.160.144	87%	19,918