Check an IP Address, Domain Name, Subnet, or ASN

165.154.41.47 was found in our database!

$ whois 165.154.41.47

country·🇭🇰 Hong Kong

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 165.154.41.47scoring →

confidence

74%High

first_seen·Jan 26, 2026

last_seen·2h ago

sessions·128

events·165

$ sikker protocols 165.154.41.47

HTTPS

51 / 88

SIP

39 / 39

IMAP

12 / 12

HTTP

8 / 8

SMTP

8 / 8

SSH

6 / 6

FTP

3 / 3

TELNET

1 / 1

$ sikker summary 165.154.41.47

165.154.41.47 has a threat confidence score of 74%. This IP address from Hong Kong (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 128 honeypot sessions targeting HTTPS, SIP, IMAP, HTTP, SMTP and 3 other protocols. First observed on January 26, 2026, most recently active April 19, 2026.

$ sikker behaviors 165.154.41.47catalog →

lowFtp Extended Passive Mlsd Listing1x

FTP session where the client negotiates binary transfer mode, enters extended passive mode (EPSV), and issues an MLSD command to retrieve a machine-readable directory listing.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Http Method Get1x

HTTP request using GET method.

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 165.154.41.47

smtp_ehlo_greeting4 http_method_get3 https_path_root2 smtp_quit_session_termination2 imap_logout1 ftp_set_utf81 ftp_user_probe1 ftp_help_request1 ftp_set_binary_mode1 ftp_password_attempt1 http_path_bad_request1 imap_capability_probe1 sip_request_uri_sip_nm1 ftp_system_type_request1 ftp_feature_list_request1 ftp_machine_list_directory1 ftp_enter_extended_passive_mode1

$ sikker related 165.154.41.47

🇭🇰·More threats fromHong Kong→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→SIP·More threats targetingSIP→IMAP·More threats targetingIMAP→HTTP·More threats targetingHTTP→SMTP·More threats targetingSMTP→SSH·More threats targetingSSH→FTP·More threats targetingFTP→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.154.120.77	94%	856
165.154.137.93	94%	196
152.32.247.233	96%	4,466
152.32.188.71	96%	1,704
45.43.63.34	96%	4,543

IP Address	Confidence	Events
165.154.244.173	96%	5,064
43.225.157.79	96%	3,118
150.109.70.144	94%	1,049
165.154.224.148	96%	146
45.113.3.101	95%	617