Check an IP Address, Domain Name, Subnet, or ASN

23.239.29.89 was found in our database!

$ whois 23.239.29.89

country·🇺🇸 United States

city·Richardson

isp·Akamai Connected Cloud

asn·AS63949

network·Standard

$ sikker risk 23.239.29.89scoring →

confidence

77%High

first_seen·Feb 26, 2026

last_seen·1h ago

first_reported·Mar 20, 2026

last_reported·Mar 20, 2026

sessions·193

events·193

reports·1

$ sikker protocols 23.239.29.89

MONGODB

158 / 158

RDP

12 / 12

FTP

11 / 11

HTTPS

10 / 10

ELASTICSEARCH

2 / 2

DOCKER

0 / 0 / 1r

$ sikker summary 23.239.29.89

23.239.29.89 has a threat confidence score of 77%. This IP address from United States (AS63949, Akamai Connected Cloud) has been observed in 193 honeypot sessions and reported 1 times targeting MONGODB, RDP, FTP, HTTPS, ELASTICSEARCH and 1 other protocols. First observed on February 26, 2026, most recently active April 30, 2026.

$ sikker behaviors 23.239.29.89catalog →

mediumRdp Nla Ntlm Authentication Attempt2x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

$ sikker primitives 23.239.29.89

elastic_http_get_request8 rdp_nla_ntlm_auth2 elastic_root_path_probe2 elastic_nodes_enumeration2 ftp_help_request1 mongodb_ismaster1

$ sikker reports 23.239.29.89submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 20, 2026, 15:57	Brute Force	DOCKER	SikkerGuard: 10 blocked packets

$ sikker related 23.239.29.89

🇺🇸·More threats fromUnited States→AS·More threats fromAkamai Connected Cloud→MONG·More threats targetingMONGODB→RDP·More threats targetingRDP→FTP·More threats targetingFTP→HTTP·More threats targetingHTTPS→ELAS·More threats targetingELASTICSEARCH→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
45.79.175.175	97%	10
172.236.228.86	95%	2,305
45.33.54.120	99%	52
139.162.116.22	54%	1,331
45.79.181.223	94%	2,394

IP Address	Confidence	Events
104.23.245.128	16%	27
45.79.175.175	97%	10
104.238.128.148	84%	5
107.161.20.247	96%	17
129.121.100.173	87%	9