Check an IP Address, Domain Name, Subnet, or ASN

152.32.157.3 was found in our database!

$ whois 152.32.157.3

country·🇬🇧 United Kingdom

city·City of London

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 152.32.157.3scoring →

confidence

79%High

first_seen·Jan 29, 2026

last_seen·1h ago

first_reported·Mar 15, 2026

last_reported·12d ago

sessions·115

events·165

reports·1

$ sikker protocols 152.32.157.3

SIP

44 / 44

FTP

12 / 39 / 1r

HTTPS

17 / 36

HTTP

16 / 20

IMAP

18 / 18

SMB

5 / 5

RTSP

3 / 3

$ sikker summary 152.32.157.3

152.32.157.3 has a threat confidence score of 79%. This IP address from United Kingdom (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 115 honeypot sessions and reported 1 times targeting SIP, FTP, HTTPS, HTTP, IMAP and 2 other protocols. First observed on January 29, 2026, most recently active March 27, 2026.

$ sikker behaviors 152.32.157.3catalog →

lowRtsp Stream Enumeration1x

Client requests RTSP OPTIONS followed by DESCRIBE to query supported methods and retrieve stream metadata, but does not proceed to session setup or playback. This pattern is commonly associated with automated scanning or reconnaissance activity checking for exposed cameras or media services.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 152.32.157.3

ftp_set_utf83 ftp_user_probe3 ftp_session_quit3 ftp_set_binary_mode3 ftp_password_attempt3 ftp_feature_list_request3 ftp_machine_list_directory3 ftp_enter_extended_passive_mode3 ftp_help_request2 ftp_system_type_request2 rtsp_options1 rtsp_describe1 http_method_get1 https_path_root1 http_path_bad_request1

$ sikker reports 152.32.157.3submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 15, 2026, 01:04	Brute Force	FTP	SikkerGuard: 2 blocked packets

$ sikker related 152.32.157.3

🇬🇧·More threats fromUnited Kingdom→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→SIP·More threats targetingSIP→FTP·More threats targetingFTP→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→IMAP·More threats targetingIMAP→SMB·More threats targetingSMB→RTSP·More threats targetingRTSP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
128.1.132.137	100%	804
45.43.37.254	100%	998
118.193.39.127	100%	856
165.154.120.77	94%	37
118.26.39.231	87%	202

IP Address	Confidence	Events
51.89.235.201	89%	58,369
87.236.176.129	88%	402
87.236.176.41	94%	427
185.247.137.42	92%	469
193.181.46.10	99%	4,181