Check an IP Address, Domain Name, Subnet, or ASN

162.210.245.77 was found in our database!

$ whois 162.210.245.77

country·🇺🇸 United States

city·Ashburn

isp·Sneaker Server, LLC

asn·AS397651

network·Standard

$ sikker risk 162.210.245.77scoring →

confidence

91%Very High

first_seen·Jan 29, 2026

last_seen·29m ago

sessions·85

events·97

$ sikker protocols 162.210.245.77

RDP

81 / 81

DOCKER

4 / 16

$ sikker summary 162.210.245.77

162.210.245.77 has a threat confidence score of 91%. This IP address from United States (AS397651, Sneaker Server, LLC) has been observed in 85 honeypot sessions targeting RDP, DOCKER protocols. First observed on January 29, 2026, most recently active March 16, 2026.

$ sikker behaviors 162.210.245.77catalog →

mediumRdp Nla Ntlm Authentication Attempt39x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoDocker Invalid Protocol Probe3x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

$ sikker primitives 162.210.245.77

rdp_nla_ntlm_auth39 docker_get_method24 docker_bad_request_uri24

$ sikker related 162.210.245.77

🇺🇸·More threats fromUnited States→AS·More threats fromSneaker Server, LLC→RDP·More threats targetingRDP→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
154.16.112.232	100%	334,325
15.204.128.147	96%	835
159.223.181.212	85%	14
96.0.160.144	87%	10,848
192.119.111.204	40%	274