Check an IP Address, Domain Name, Subnet, or ASN

165.227.35.73 was found in our database!

$ whois 165.227.35.73

country·🇨🇦 Canada

city·Toronto

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 165.227.35.73scoring →

confidence

63%High

first_seen·Jan 22, 2026

last_seen·1h ago

sessions·23

events·33

$ sikker protocols 165.227.35.73

HTTP

9 / 11

SSH

3 / 5

HTTPS

2 / 4

TELNET

2 / 4

SIP

1 / 3

FTP

2 / 2

RDP

2 / 2

IMAP

1 / 1

RTSP

1 / 1

$ sikker summary 165.227.35.73

165.227.35.73 has a threat confidence score of 63%. This IP address from Canada (AS14061, DigitalOcean, LLC) has been observed in 23 honeypot sessions targeting HTTP, SSH, HTTPS, TELNET, SIP and 4 other protocols. First observed on January 22, 2026, most recently active March 21, 2026.

$ sikker behaviors 165.227.35.73catalog →

mediumRtsp Credentialed Options Probe1x

RTSP OPTIONS request containing embedded credentials in the URI (for example admin:password@host). Unlike standard discovery probes, this indicates an automated attempt to enumerate camera or media endpoints while testing known or default credentials. This pattern is commonly associated with IoT botnets and opportunistic scanners targeting exposed RTSP services rather than passive measurement traffic.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 165.227.35.73

http_method_get6 https_path_root2 rtsp_options1 rtsp_options_with_admin_credentials1

$ sikker related 165.227.35.73

🇨🇦·More threats fromCanada→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTP→SSH·More threats targetingSSH→HTTP·More threats targetingHTTPS→TELN·More threats targetingTELNET→SIP·More threats targetingSIP→FTP·More threats targetingFTP→RDP·More threats targetingRDP→IMAP·More threats targetingIMAP→RTSP·More threats targetingRTSP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
64.227.91.8	41%	51
159.89.236.241	98%	363
157.230.5.176	76%	119
68.183.203.22	100%	88
68.183.32.47	64%	14

IP Address	Confidence	Events
207.219.221.53	52%	427
20.175.203.24	98%	56
85.217.149.34	89%	623
85.217.149.21	96%	806
85.217.149.17	94%	919