Check an IP Address, Domain Name, Subnet, or ASN

165.154.41.115 was found in our database!

$ whois 165.154.41.115

country·🇭🇰 Hong Kong

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 165.154.41.115scoring →

confidence

72%High

first_seen·Jan 21, 2026

last_seen·1h ago

sessions·75

events·106

$ sikker protocols 165.154.41.115

HTTPS

51 / 51

FTP

6 / 22

SIP

8 / 19

SMTP

2 / 6

HTTP

4 / 4

RTSP

3 / 3

DOCKER

1 / 1

$ sikker summary 165.154.41.115

165.154.41.115 has a threat confidence score of 72%. This IP address from Hong Kong (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 75 honeypot sessions targeting HTTPS, FTP, SIP, SMTP, HTTP and 2 other protocols. First observed on January 21, 2026, most recently active March 27, 2026.

$ sikker behaviors 165.154.41.115catalog →

lowRtsp Stream Enumeration1x

Client requests RTSP OPTIONS followed by DESCRIBE to query supported methods and retrieve stream metadata, but does not proceed to session setup or playback. This pattern is commonly associated with automated scanning or reconnaissance activity checking for exposed cameras or media services.

lowFtp Extended Passive Mlsd Listing1x

FTP session where the client negotiates binary transfer mode, enters extended passive mode (EPSV), and issues an MLSD command to retrieve a machine-readable directory listing.

infoHttps Root Path Request3x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 165.154.41.115

https_path_root3 docker_get_method3 ftp_set_utf82 ftp_user_probe2 ftp_session_quit2 ftp_set_binary_mode2 ftp_password_attempt2 docker_bad_request_uri2 ftp_feature_list_request2 ftp_machine_list_directory2 ftp_enter_extended_passive_mode2 rtsp_options1 rtsp_describe1 http_method_get1 ftp_help_request1 smtp_ehlo_greeting1 ftp_system_type_request1

$ sikker related 165.154.41.115

🇭🇰·More threats fromHong Kong→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→SIP·More threats targetingSIP→SMTP·More threats targetingSMTP→HTTP·More threats targetingHTTP→RTSP·More threats targetingRTSP→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.154.23.75	75%	3
118.193.56.172	66%	4
118.193.36.63	73%	307
152.32.245.27	64%	206
152.32.252.233	77%	127

IP Address	Confidence	Events
47.239.101.17	88%	263
165.154.23.75	75%	3
172.110.223.44	99%	43,607
103.80.27.251	81%	221
172.110.223.65	97%	4,402