Check an IP Address, Domain Name, Subnet, or ASN

159.65.38.146 was found in our database!

$ whois 159.65.38.146

country·🇺🇸 United States

city·Clifton

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 159.65.38.146scoring →

confidence

63%High

first_seen·Jan 25, 2026

last_seen·1h ago

sessions·22

events·36

$ sikker protocols 159.65.38.146

HTTP

10 / 17

HTTPS

6 / 12

TELNET

3 / 4

RTSP

2 / 2

FTP

1 / 1

$ sikker summary 159.65.38.146

159.65.38.146 has a threat confidence score of 63%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 22 honeypot sessions targeting HTTP, HTTPS, TELNET, RTSP, FTP protocols. First observed on January 25, 2026, most recently active March 23, 2026.

$ sikker behaviors 159.65.38.146catalog →

mediumRtsp Credentialed Options Probe1x

RTSP OPTIONS request containing embedded credentials in the URI (for example admin:password@host). Unlike standard discovery probes, this indicates an automated attempt to enumerate camera or media endpoints while testing known or default credentials. This pattern is commonly associated with IoT botnets and opportunistic scanners targeting exposed RTSP services rather than passive measurement traffic.

infoHttp Root Path Request6x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 159.65.38.146

http_method_get7 rtsp_options1 rtsp_describe1 https_path_root1 rtsp_options_with_admin_credentials1

$ sikker related 159.65.38.146

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→TELN·More threats targetingTELNET→RTSP·More threats targetingRTSP→FTP·More threats targetingFTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
143.198.203.74	87%	318
167.99.0.28	87%	188
143.198.192.26	87%	348
68.183.235.217	86%	341
68.183.237.11	88%	359

IP Address	Confidence	Events
45.205.1.8	97%	7,605
20.81.46.129	45%	26
18.116.101.220	100%	33,319
64.62.156.94	99%	1,554
20.102.112.104	82%	2,330