Check an IP Address, Domain Name, Subnet, or ASN

152.32.145.49 was found in our database!

$ whois 152.32.145.49

country·🇯🇵 Japan

city·Tokyo

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 152.32.145.49scoring →

confidence

88%Very High

first_seen·Jan 22, 2026

last_seen·1h ago

sessions·456

events·617

$ sikker protocols 152.32.145.49

HTTPS

190 / 214

SMTP

111 / 179

SIP

45 / 72

HTTP

21 / 59

FTP

21 / 21

RTSP

9 / 13

SMB

12 / 12

SSH

12 / 12

MSSQL

11 / 11

IMAP

10 / 10

MONGODB

8 / 8

POSTGRES

4 / 4

ELASTICSEARCH

2 / 2

$ sikker summary 152.32.145.49

152.32.145.49 has a threat confidence score of 88%. This IP address from Japan (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 456 honeypot sessions targeting HTTPS, SMTP, SIP, HTTP, FTP and 8 other protocols. First observed on January 22, 2026, most recently active March 22, 2026.

$ sikker behaviors 152.32.145.49catalog →

mediumFtp Financial Partner Directory Enumeration1x

FTP session where the client authenticates and performs repeated passive-mode directory listings while navigating directly into finance, HR, partner, vendor, and release paths such as /data/finance, /data/hr, /partners, and /pub/*, indicating targeted discovery of business-sensitive storage locations.

infoHttps Root Path Request5x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoFtp Tls Upgrade1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 152.32.145.49

elastic_root_path_probe57 ftp_list_directory21 ftp_set_ascii_mode21 ftp_enter_passive_mode21 ftp_change_working_directory20 elastic_http_get_request18 empty_ftp_command16 smtp_ehlo_greeting7 smtp_starttls_upgrade_request6 https_path_root5 elastic_cat_indices_enumeration4 https_path_config_json3 ftp_control_channel_binary_payload3 ftp_user_probe2 elastic_http_favicon_path_probe2 elastic_http_bad_request_path_probe2 ftp_auth_tls1 http_method_get1 ftp_help_request1 ftp_password_attempt1

$ sikker related 152.32.145.49

Report IP WHOIS Lookup →

IP Address	Confidence	Events
101.36.106.75	96%	275
123.58.212.9	97%	3,608
101.36.106.113	100%	999
152.32.133.122	84%	14
101.36.108.213	100%	126

IP Address	Confidence	Events
109.123.229.247	70%	44
43.167.169.149	93%	196
36.50.48.38	65%	42
137.220.146.106	97%	1,879
13.158.27.71	97%	8,077