Check an IP Address, Domain Name, Subnet, or ASN

69.164.207.71 was found in our database!

$ whois 69.164.207.71

country·🇺🇸 United States

city·Richardson

isp·Akamai Connected Cloud

asn·AS63949

network·Standard

$ sikker risk 69.164.207.71scoring →

confidence

75%High

first_seen·Mar 1, 2026

last_seen·1h ago

sessions·59

events·59

$ sikker protocols 69.164.207.71

HTTPS

18 / 18

RDP

16 / 16

TELNET

7 / 7

SSH

6 / 6

HTTP

4 / 4

MONGODB

4 / 4

ELASTICSEARCH

2 / 2

SMTP

1 / 1

DOCKER

1 / 1

$ sikker summary 69.164.207.71

69.164.207.71 has a threat confidence score of 75%. This IP address from United States (AS63949, Akamai Connected Cloud) has been observed in 59 honeypot sessions targeting HTTPS, RDP, TELNET, SSH, HTTP and 4 other protocols. First observed on March 1, 2026, most recently active April 30, 2026.

$ sikker behaviors 69.164.207.71catalog →

mediumRdp Nla Ntlm Authentication Attempt3x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 69.164.207.71

elastic_http_get_request18 docker_get_method14 docker_bad_request_uri12 elastic_http_bad_request_path_probe12 https_path_root6 http_method_get3 rdp_nla_ntlm_auth3 elastic_root_path_probe3 elastic_nodes_enumeration1 https_request_path_my_policy1

$ sikker related 69.164.207.71

🇺🇸·More threats fromUnited States→AS·More threats fromAkamai Connected Cloud→HTTP·More threats targetingHTTPS→RDP·More threats targetingRDP→TELN·More threats targetingTELNET→SSH·More threats targetingSSH→HTTP·More threats targetingHTTP→MONG·More threats targetingMONGODB→ELAS·More threats targetingELASTICSEARCH→SMTP·More threats targetingSMTP→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
45.79.181.179	93%	2,323
139.162.117.40	70%	1,149
172.236.228.115	95%	2,361
66.175.213.4	95%	2,461
97.107.132.133	48%	67

IP Address	Confidence	Events
185.218.138.16	97%	27,162
138.68.254.30	56%	1
147.135.15.2	99%	22,525
38.68.46.156	93%	1,263
185.150.191.165	99%	292