Check an IP Address, Domain Name, Subnet, or ASN

165.154.172.200 was found in our database!

$ whois 165.154.172.200

country·🇺🇸 United States

city·Los Angeles

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 165.154.172.200scoring →

confidence

71%High

first_seen·Jan 25, 2026

last_seen·1h ago

sessions·80

events·126

$ sikker protocols 165.154.172.200

HTTPS

17 / 35

FTP

9 / 25

SIP

24 / 24

HTTP

12 / 24

RDP

9 / 9

SSH

6 / 6

IMAP

2 / 2

DOCKER

1 / 1

$ sikker summary 165.154.172.200

165.154.172.200 has a threat confidence score of 71%. This IP address from United States (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 80 honeypot sessions targeting HTTPS, FTP, SIP, HTTP, RDP and 3 other protocols. First observed on January 25, 2026, most recently active March 22, 2026.

$ sikker behaviors 165.154.172.200catalog →

lowFtp Extended Passive Mlsd Listing1x

FTP session where the client negotiates binary transfer mode, enters extended passive mode (EPSV), and issues an MLSD command to retrieve a machine-readable directory listing.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 165.154.172.200

ftp_session_quit4 ftp_set_utf83 ftp_user_probe3 docker_get_method3 ftp_set_binary_mode3 ftp_password_attempt3 ftp_feature_list_request3 ftp_machine_list_directory3 ftp_enter_extended_passive_mode3 http_method_get2 ftp_help_request2 docker_bad_request_uri2 ftp_system_type_request2 https_path_root1 http_path_bad_request1

$ sikker related 165.154.172.200

🇺🇸·More threats fromUnited States→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→SIP·More threats targetingSIP→HTTP·More threats targetingHTTP→RDP·More threats targetingRDP→SSH·More threats targetingSSH→IMAP·More threats targetingIMAP→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
123.58.207.151	92%	956
101.36.114.198	98%	606
165.154.128.17	95%	577
101.36.107.65	92%	289
165.154.138.165	100%	639

IP Address	Confidence	Events
157.230.82.102	65%	21
159.89.88.188	87%	324
205.210.31.88	98%	322
198.143.191.202	98%	85,405
185.238.231.181	85%	3,384