Check an IP Address, Domain Name, Subnet, or ASN

173.255.237.49 was found in our database!

$ whois 173.255.237.49

country·🇺🇸 United States

city·Cedar Knolls

isp·Akamai Connected Cloud

asn·AS63949

network·Standard

$ sikker risk 173.255.237.49scoring →

confidence

85%Very High

first_seen·Jan 21, 2026

last_seen·23h ago

first_reported·Mar 11, 2026

last_reported·24d ago

sessions·246

events·313

reports·1

$ sikker protocols 173.255.237.49

SSH

56 / 75

IMAP

18 / 39

FTP

25 / 37

HTTPS

35 / 35

POSTGRES

30 / 33

TELNET

24 / 24

HTTP

21 / 21

RTSP

20 / 20 / 1r

DOCKER

2 / 14

MONGODB

8 / 8

SMB

7 / 7

$ sikker summary 173.255.237.49

173.255.237.49 has a threat confidence score of 85%. This IP address from United States (AS63949, Akamai Connected Cloud) has been observed in 246 honeypot sessions and reported 1 times targeting SSH, IMAP, FTP, HTTPS, POSTGRES and 6 other protocols. First observed on January 21, 2026, most recently active April 4, 2026.

$ sikker behaviors 173.255.237.49catalog →

lowRtsp Options Probe6x

Client sends RTSP OPTIONS requests to check supported methods and confirm that an RTSP service is exposed, then disconnects without attempting authentication or stream setup. This pattern is typically associated with automated reconnaissance or internet-wide scanning rather than active stream access.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoDocker Invalid Protocol Probe1x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

$ sikker primitives 173.255.237.49

docker_get_method84 docker_bad_request_uri70 rtsp_options9 https_path_root4 https_method_options4 ftp_control_channel_binary_payload2 http_method_get1 imap_capability_probe1 imap_command_authenticate1 mongodb_serverstatus_float_command1

$ sikker reports 173.255.237.49submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 11, 2026, 23:42	Brute Force	RTSP	SikkerGuard: 4 blocked packets

$ sikker related 173.255.237.49

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.237.74.237	96%	2,950
172.233.41.28	30%	2
172.104.100.117	80%	3,108
172.104.210.209	24%	5
172.104.210.163	32%	2

IP Address	Confidence	Events
162.216.150.134	71%	136
188.213.202.46	85%	1,237
64.62.156.88	51%	88
198.235.24.26	97%	267
173.245.76.90	98%	129,577