Check an IP Address, Domain Name, Subnet, or ASN

165.154.173.226 was found in our database!

$ whois 165.154.173.226

country·🇺🇸 United States

city·Los Angeles

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 165.154.173.226scoring →

confidence

67%High

first_seen·Jan 24, 2026

last_seen·1h ago

sessions·113

events·174

$ sikker protocols 165.154.173.226

HTTPS

34 / 53

SIP

40 / 51

FTP

6 / 19

HTTP

8 / 18

IMAP

8 / 16

SSH

6 / 6

MSSQL

6 / 6

SMB

5 / 5

$ sikker summary 165.154.173.226

165.154.173.226 has a threat confidence score of 67%. This IP address from United States (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 113 honeypot sessions targeting HTTPS, SIP, FTP, HTTP, IMAP and 3 other protocols. First observed on January 24, 2026, most recently active March 28, 2026.

$ sikker behaviors 165.154.173.226catalog →

lowFtp Extended Passive Mlsd Listing1x

FTP session where the client negotiates binary transfer mode, enters extended passive mode (EPSV), and issues an MLSD command to retrieve a machine-readable directory listing.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 165.154.173.226

ftp_set_utf82 ftp_user_probe2 https_path_root2 ftp_session_quit2 ftp_set_binary_mode2 ftp_password_attempt2 ftp_feature_list_request2 ftp_machine_list_directory2 ftp_enter_extended_passive_mode2 imap_logout1 http_method_get1 ftp_help_request1 http_path_bad_request1 imap_capability_probe1 ftp_system_type_request1

$ sikker related 165.154.173.226

🇺🇸·More threats fromUnited States→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→SIP·More threats targetingSIP→FTP·More threats targetingFTP→HTTP·More threats targetingHTTP→IMAP·More threats targetingIMAP→SSH·More threats targetingSSH→MSSQ·More threats targetingMSSQL→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.154.40.244	70%	149
118.193.47.155	100%	172
118.193.36.107	63%	261
152.32.134.166	69%	167
154.83.196.237	100%	1,064

IP Address	Confidence	Events
68.68.101.178	94%	20,797
144.172.105.188	94%	15,965
92.118.39.63	100%	61,144
23.95.86.214	89%	534
173.245.76.90	98%	110,729