Check an IP Address, Domain Name, Subnet, or ASN

64.227.82.243 was found in our database!

$ whois 64.227.82.243

country·🇺🇸 United States

city·Santa Clara

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 64.227.82.243scoring →

confidence

73%High

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·109

events·109

$ sikker protocols 64.227.82.243

MONGODB

78 / 78

HTTPS

7 / 7

TELNET

7 / 7

RDP

5 / 5

SIP

5 / 5

HTTP

5 / 5

REDIS

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 64.227.82.243

64.227.82.243 has a threat confidence score of 73%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 109 honeypot sessions targeting MONGODB, HTTPS, TELNET, RDP, SIP and 3 other protocols. First observed on February 27, 2026, most recently active March 27, 2026.

$ sikker behaviors 64.227.82.243catalog →

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoRedis Info Command Invocation1x

Identifies execution of the Redis INFO command (case-insensitive), which retrieves server configuration, version, memory usage, and runtime statistics. This behavior reflects service interrogation and environment fingerprinting activity. While INFO can be used legitimately by administrators, it is also commonly observed during automated scanning and pre-exploitation reconnaissance of exposed Redis instances.

$ sikker primitives 64.227.82.243

elastic_http_get_request14 elastic_http_bad_request_path_probe12 http_method_get3 elastic_root_path_probe2 rdp_nla_ntlm_auth1 redis_info_uppercase1

$ sikker related 64.227.82.243

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→MONG·More threats targetingMONGODB→HTTP·More threats targetingHTTPS→TELN·More threats targetingTELNET→RDP·More threats targetingRDP→SIP·More threats targetingSIP→HTTP·More threats targetingHTTP→REDI·More threats targetingREDIS→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
146.190.37.241	53%	11
104.236.88.138	80%	383
170.64.229.9	75%	20
46.101.82.104	81%	435
159.223.43.111	83%	463

IP Address	Confidence	Events
92.118.39.62	100%	379,252
92.118.39.63	100%	59,092
212.102.40.218	82%	31,573
45.61.184.223	99%	17,061
199.231.190.78	95%	452