Check an IP Address, Domain Name, Subnet, or ASN

62.164.177.3 was found in our database!

$ whois 62.164.177.3

country·🇩🇪 Germany

isp·Data Campus Limited

asn·AS215929

network·Standard

$ sikker risk 62.164.177.3scoring →

confidence

64%High

first_seen·Feb 14, 2026

last_seen·6d ago

sessions·12

events·12

$ sikker protocols 62.164.177.3

RDP

10 / 10

DOCKER

2 / 2

$ sikker summary 62.164.177.3

62.164.177.3 has a threat confidence score of 64%. This IP address from Germany (AS215929, Data Campus Limited) has been observed in 12 honeypot sessions targeting RDP, DOCKER protocols. First observed on February 14, 2026, most recently active March 19, 2026.

$ sikker behaviors 62.164.177.3catalog →

mediumRdp Nla Ntlm Authentication Attempt5x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoDocker Invalid Protocol Probe1x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

$ sikker primitives 62.164.177.3

rdp_nla_ntlm_auth5 docker_get_method3 docker_bad_request_uri3

$ sikker related 62.164.177.3

🇩🇪·More threats fromGermany→AS·More threats fromData Campus Limited→RDP·More threats targetingRDP→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
193.24.211.52	60%	131
193.24.211.93	45%	157
193.24.211.230	100%	231
193.24.211.224	100%	224
62.164.177.27	93%	118

IP Address	Confidence	Events
62.171.143.22	87%	11
68.183.217.184	99%	44
217.154.152.145	81%	1,080
87.106.147.36	99%	231,936
104.28.162.203	69%	30