Check an IP Address, Domain Name, Subnet, or ASN

1.83.125.139 was found in our database!

$ whois 1.83.125.139

country·🇨🇳 China

city·Xi'an

isp·Chinanet

asn·AS4134

network·Standard

$ sikker risk 1.83.125.139scoring →

confidence

36%Low

first_seen·Mar 3, 2026

last_seen·1h ago

sessions·3

events·3

$ sikker protocols 1.83.125.139

MONGODB

3 / 3

$ sikker summary 1.83.125.139

1.83.125.139 has a threat confidence score of 36%. This IP address from China (AS4134, Chinanet) has been observed in 3 honeypot sessions targeting MONGODB protocols. First observed on March 3, 2026, most recently active March 22, 2026.

$ sikker behaviors 1.83.125.139catalog →

mediumMongodb Version Fingerprinting Reconnaissance1x

Remote client performs MongoDB service validation and environment fingerprinting by first initiating a wire-protocol handshake (ismaster / hello) followed by execution of the buildInfo command against the admin database. This sequence indicates targeted reconnaissance to determine server role, software version, build characteristics, and platform details. Such activity is commonly associated with automated scanning frameworks and pre-exploitation tooling used to assess exposure and identify version-specific vulnerabilities prior to authentication attempts or database enumeration

$ sikker primitives 1.83.125.139

mongodb_ismaster2 mongodb_buildinfo_admin_command2

$ sikker related 1.83.125.139

🇨🇳·More threats fromChina→AS·More threats fromChinanet→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
59.52.92.98	46%	398
183.60.1.2	52%	12
58.56.128.190	50%	365
122.224.240.99	100%	1,020
218.4.179.173	100%	545

IP Address	Confidence	Events
116.253.213.64	100%	607
101.126.145.180	96%	1,730
1.95.67.60	96%	2,523
124.222.101.119	96%	2,015
183.184.215.3	74%	7