Check an IP Address, Domain Name, Subnet, or ASN

103.155.56.170 was found in our database!

$ whois 103.155.56.170

country·🇮🇳 India

city·Noida

isp·Texes Connect Private Limited

asn·AS136306

network·Standard

$ sikker risk 103.155.56.170scoring →

confidence

88%Very High

first_seen·Jan 23, 2026

last_seen·9h ago

sessions·40

events·40

$ sikker protocols 103.155.56.170

SMB

40 / 40

$ sikker summary 103.155.56.170

103.155.56.170 has a threat confidence score of 88%. This IP address from India (AS136306, Texes Connect Private Limited) has been observed in 40 honeypot sessions targeting SMB protocols. Detected attack patterns include remcom remote execution. First observed on January 23, 2026, most recently active March 23, 2026.

$ sikker behaviors 103.155.56.170catalog →

highRemcom Remote Execution8x

Sequential SMB session opening IPC$, accessing the svcctl pipe, issuing an RPC call, then opening the RemCom_communicaton pipe. Indicates remote service-based command execution.

mediumSmb Ipc Administrative Share Access1x

Detects authenticated access to the IPC$ administrative share over SMB. This behavior indicates remote interaction with Windows inter-process communication mechanisms and is commonly observed during lateral movement, service enumeration, or preparation for remote command execution.

$ sikker primitives 103.155.56.170

smb_ipc_share_access9 smb_empty_rpc_call8 smb_remcom_pipe_open8 smb_svcctl_pipe_open8 smb_c_share_access2

$ sikker related 103.155.56.170

🇮🇳·More threats fromIndia→AS·More threats fromTexes Connect Private Limited→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.176.171.88	51%	11
103.155.57.244	59%	18
103.120.130.118	21%	43
103.176.171.85	18%	14
103.176.171.82	35%	3

IP Address	Confidence	Events
106.219.122.98	22%	28
38.254.178.167	93%	13
125.20.175.26	32%	140
20.193.146.159	79%	260
154.206.18.234	24%	45