Check an IP Address, Domain Name, Subnet, or ASN

161.35.7.78 was found in our database!

$ whois 161.35.7.78

country·🇺🇸 United States

city·North Bergen

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 161.35.7.78scoring →

confidence

70%High

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·62

events·62

$ sikker protocols 161.35.7.78

MONGODB

39 / 39

HTTPS

13 / 13

SIP

5 / 5

RDP

3 / 3

HTTP

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 161.35.7.78

161.35.7.78 has a threat confidence score of 70%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 62 honeypot sessions targeting MONGODB, HTTPS, SIP, RDP, HTTP and 1 other protocols. First observed on February 27, 2026, most recently active March 26, 2026.

$ sikker behaviors 161.35.7.78catalog →

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttps Root Path Request3x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 161.35.7.78

https_path_root5 elastic_http_get_request4 http_method_get1 rdp_nla_ntlm_auth1 elastic_root_path_probe1 elastic_nodes_enumeration1

$ sikker related 161.35.7.78

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→MONG·More threats targetingMONGODB→HTTP·More threats targetingHTTPS→SIP·More threats targetingSIP→RDP·More threats targetingRDP→HTTP·More threats targetingHTTP→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
157.230.44.79	80%	285
138.197.164.195	23%	1
157.245.100.77	36%	2
104.248.160.105	58%	706
138.197.22.18	55%	12

IP Address	Confidence	Events
66.132.172.131	95%	191
64.62.156.193	66%	105
68.68.101.178	94%	20,234
91.230.168.140	61%	95
91.230.168.186	77%	86