Check an IP Address, Domain Name, Subnet, or ASN

173.255.232.124 was found in our database!

$ whois 173.255.232.124

country·🇺🇸 United States

city·Cedar Knolls

isp·Akamai Connected Cloud

asn·AS63949

network·Standard

$ sikker risk 173.255.232.124scoring →

confidence

76%High

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·148

events·148

$ sikker protocols 173.255.232.124

REDIS

78 / 78

MSSQL

35 / 35

HTTP

11 / 11

HTTPS

10 / 10

RDP

9 / 9

SSH

1 / 1

SMTP

1 / 1

TELNET

1 / 1

MONGODB

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 173.255.232.124

173.255.232.124 has a threat confidence score of 76%. This IP address from United States (AS63949, Akamai Connected Cloud) has been observed in 148 honeypot sessions targeting REDIS, MSSQL, HTTP, HTTPS, RDP and 5 other protocols. First observed on February 27, 2026, most recently active April 19, 2026.

$ sikker behaviors 173.255.232.124catalog →

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Root Path Request4x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Http Method Get3x

HTTP request using GET method.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 173.255.232.124

http_method_get6 https_path_root6 elastic_http_get_request4 mongodb_ismaster1 rdp_nla_ntlm_auth1 elastic_root_path_probe1 elastic_nodes_enumeration1 https_request_path_my_policy1

$ sikker related 173.255.232.124

🇺🇸·More threats fromUnited States→AS·More threats fromAkamai Connected Cloud→REDI·More threats targetingREDIS→MSSQ·More threats targetingMSSQL→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→RDP·More threats targetingRDP→SSH·More threats targetingSSH→SMTP·More threats targetingSMTP→TELN·More threats targetingTELNET→MONG·More threats targetingMONGODB→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.104.100.117	80%	3,671
172.104.11.4	93%	2,044
172.236.127.133	91%	1,019
66.228.53.157	90%	1,011
66.228.53.204	92%	1,214

IP Address	Confidence	Events
195.184.76.75	79%	120
184.105.139.68	100%	3,133
64.62.156.24	100%	2,102
209.127.178.131	95%	2,347
65.49.1.156	69%	96