Check an IP Address, Domain Name, Subnet, or ASN

159.65.110.231 was found in our database!

$ whois 159.65.110.231

country·🇺🇸 United States

city·Santa Clara

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 159.65.110.231scoring →

confidence

53%Medium

first_seen·Mar 7, 2026

last_seen·1h ago

sessions·19

events·19

$ sikker protocols 159.65.110.231

HTTPS

14 / 14

RDP

5 / 5

$ sikker summary 159.65.110.231

159.65.110.231 has a threat confidence score of 53%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 19 honeypot sessions targeting HTTPS, RDP protocols. First observed on March 7, 2026, most recently active March 26, 2026.

$ sikker behaviors 159.65.110.231catalog →

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 159.65.110.231

https_path_root6 rdp_nla_ntlm_auth1 https_request_path_my_policy1

$ sikker related 159.65.110.231

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTPS→RDP·More threats targetingRDP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
159.223.43.111	84%	447
167.71.206.153	100%	424
143.198.67.177	59%	18
142.93.120.48	52%	98
165.232.154.193	93%	18

IP Address	Confidence	Events
92.118.39.63	100%	57,943
192.210.186.10	96%	547
146.88.241.126	23%	1
208.110.64.186	95%	2,235
45.61.184.223	99%	14,178