Check an IP Address, Domain Name, Subnet, or ASN

162.216.149.64 was found in our database!

$ whois 162.216.149.64

country·🇺🇸 United States

city·North Charleston

isp·Google LLC

asn·AS396982

network·Standard

$ sikker risk 162.216.149.64scoring →

confidence

74%High

first_seen·Jan 27, 2026

last_seen·1h ago

sessions·72

events·134

$ sikker protocols 162.216.149.64

SMTP

22 / 44

SIP

18 / 31

MONGODB

9 / 21

RTSP

4 / 10

SMB

5 / 8

HTTPS

4 / 8

HTTP

3 / 5

TELNET

3 / 3

POSTGRES

3 / 3

FTP

1 / 1

$ sikker summary 162.216.149.64

162.216.149.64 has a threat confidence score of 74%. This IP address from United States (AS396982, Google LLC) has been observed in 72 honeypot sessions targeting SMTP, SIP, MONGODB, RTSP, SMB and 5 other protocols. First observed on January 27, 2026, most recently active March 21, 2026.

$ sikker behaviors 162.216.149.64catalog →

lowRtsp Options Probe4x

Client sends RTSP OPTIONS requests to check supported methods and confirm that an RTSP service is exposed, then disconnects without attempting authentication or stream setup. This pattern is typically associated with automated reconnaissance or internet-wide scanning rather than active stream access.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoMongodb Serverstatus Discovery1x

Client issues MongoDB serverStatus requests and disconnects shortly after, indicating service inspection rather than active database interaction. This pattern is commonly associated with automated discovery activity where scanners collect runtime metrics or confirm database exposure without performing further queries.

$ sikker primitives 162.216.149.64

smtp_ehlo_greeting14 rtsp_options12 sip_call_id_alphanumeric_entropy8 http_method_get3 mongodb_serverstatus3 https_path_root2

$ sikker related 162.216.149.64

🇺🇸·More threats fromUnited States→AS·More threats fromGoogle LLC→SMTP·More threats targetingSMTP→SIP·More threats targetingSIP→MONG·More threats targetingMONGODB→RTSP·More threats targetingRTSP→SMB·More threats targetingSMB→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→TELN·More threats targetingTELNET→POST·More threats targetingPOSTGRES→FTP·More threats targetingFTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
198.235.24.155	91%	172
198.235.24.55	93%	209
198.235.24.69	96%	284
198.235.24.176	97%	217
198.235.24.19	90%	178

IP Address	Confidence	Events
172.105.128.11	92%	1,744
92.118.39.63	100%	49,584
5.253.86.23	97%	4,781
162.254.3.130	87%	15,622
208.3.195.65	100%	97,144