Check an IP Address, Domain Name, Subnet, or ASN

137.184.145.117 was found in our database!

$ whois 137.184.145.117

country·🇺🇸 United States

city·North Bergen

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 137.184.145.117scoring →

confidence

73%High

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·133

events·133

$ sikker protocols 137.184.145.117

REDIS

77 / 77

MSSQL

35 / 35

HTTPS

12 / 12

RDP

4 / 4

ELASTICSEARCH

3 / 3

SMTP

1 / 1

MONGODB

1 / 1

$ sikker summary 137.184.145.117

137.184.145.117 has a threat confidence score of 73%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 133 honeypot sessions targeting REDIS, MSSQL, HTTPS, RDP, ELASTICSEARCH and 2 other protocols. First observed on February 27, 2026, most recently active April 6, 2026.

$ sikker behaviors 137.184.145.117catalog →

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoSmtp Tls Capability Probe1x

Automated SMTP interaction performing a minimal capability check by issuing EHLO followed by a STARTTLS upgrade request and immediately terminating the session. This pattern is commonly associated with internet-wide scanners, security research crawlers, or opportunistic bots verifying whether an SMTP service supports encrypted communication. The absence of authentication attempts or message submission indicates reconnaissance or service fingerprinting rather than active abuse.

$ sikker primitives 137.184.145.117

elastic_http_get_request42 elastic_http_bad_request_path_probe36 elastic_root_path_probe6 https_path_root1 rdp_nla_ntlm_auth1 smtp_ehlo_greeting1 smtp_starttls_upgrade_request1

$ sikker related 137.184.145.117

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→REDI·More threats targetingREDIS→MSSQ·More threats targetingMSSQL→HTTP·More threats targetingHTTPS→RDP·More threats targetingRDP→ELAS·More threats targetingELASTICSEARCH→SMTP·More threats targetingSMTP→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
206.81.29.46	85%	414
147.182.196.210	71%	21
104.131.0.219	75%	49
67.205.182.17	64%	11
104.248.14.7	78%	117

IP Address	Confidence	Events
64.62.156.222	100%	1,923
38.146.219.190	53%	13
209.222.101.54	99%	58,014
43.162.109.139	96%	3,548
65.49.1.182	100%	1,827