Check an IP Address, Domain Name, Subnet, or ASN

165.154.11.202 was found in our database!

$ whois 165.154.11.202

country·🇳🇬 Nigeria

city·Lagos

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 165.154.11.202scoring →

confidence

71%High

first_seen·Jan 30, 2026

last_seen·1h ago

sessions·89

events·147

$ sikker protocols 165.154.11.202

HTTPS

34 / 52

FTP

9 / 23

SIP

12 / 23

IMAP

14 / 23

RDP

9 / 9

RTSP

3 / 9

MSSQL

6 / 6

SMTP

2 / 2

$ sikker summary 165.154.11.202

165.154.11.202 has a threat confidence score of 71%. This IP address from Nigeria (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 89 honeypot sessions targeting HTTPS, FTP, SIP, IMAP, RDP and 3 other protocols. First observed on January 30, 2026, most recently active March 24, 2026.

$ sikker behaviors 165.154.11.202catalog →

lowRtsp Stream Enumeration1x

Client requests RTSP OPTIONS followed by DESCRIBE to query supported methods and retrieve stream metadata, but does not proceed to session setup or playback. This pattern is commonly associated with automated scanning or reconnaissance activity checking for exposed cameras or media services.

lowFtp Extended Passive Mlsd Listing1x

FTP session where the client negotiates binary transfer mode, enters extended passive mode (EPSV), and issues an MLSD command to retrieve a machine-readable directory listing.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 165.154.11.202

rtsp_options4 rtsp_describe4 ftp_set_utf83 ftp_user_probe3 ftp_set_binary_mode3 ftp_password_attempt3 ftp_feature_list_request3 ftp_enter_extended_passive_mode3 https_path_root2 ftp_help_request2 ftp_session_quit2 ftp_system_type_request2 ftp_machine_list_directory2 imap_logout1 smtp_ehlo_greeting1 imap_capability_probe1 smtp_quit_session_termination1

$ sikker related 165.154.11.202

🇳🇬·More threats fromNigeria→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→SIP·More threats targetingSIP→IMAP·More threats targetingIMAP→RDP·More threats targetingRDP→RTSP·More threats targetingRTSP→MSSQ·More threats targetingMSSQL→SMTP·More threats targetingSMTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.154.41.182	74%	103
123.58.209.112	98%	1,251
165.154.23.177	75%	158
118.194.228.167	96%	988
165.154.4.51	95%	1,602

IP Address	Confidence	Events
129.222.206.129	66%	2
41.203.65.118	40%	284
165.154.10.187	70%	92
154.118.4.27	44%	6
102.88.137.80	100%	3,005