Check an IP Address, Domain Name, Subnet, or ASN

103.83.11.138 was found in our database!

$ whois 103.83.11.138

country·🇮🇳 India

isp·Devdarpan Broadband Pvt. Ltd.

asn·AS136698

network·Standard

$ sikker risk 103.83.11.138scoring →

confidence

96%Very High

first_seen·Feb 7, 2026

last_seen·1h ago

sessions·42

events·54

$ sikker protocols 103.83.11.138

SMB

42 / 54

$ sikker summary 103.83.11.138

103.83.11.138 has a threat confidence score of 96%. This IP address from India (AS136698, Devdarpan Broadband Pvt. Ltd.) has been observed in 42 honeypot sessions targeting SMB protocols. Detected attack patterns include smb remcom remote command execution, remcom remote execution. First observed on February 7, 2026, most recently active March 23, 2026.

$ sikker behaviors 103.83.11.138catalog →

very_highSmb Remcom Remote Command Execution1x

Identifies PsExec/RemCom-style remote command execution over SMB, involving IPC$ share access, service control manager pipe interaction (svcctl), and communication via the RemCom named pipe. This behavior reflects authenticated lateral movement and remote process execution through Windows administrative shares.

highRemcom Remote Execution14x

Sequential SMB session opening IPC$, accessing the svcctl pipe, issuing an RPC call, then opening the RemCom_communicaton pipe. Indicates remote service-based command execution.

$ sikker primitives 103.83.11.138

smb_empty_rpc_call15 smb_ipc_share_access15 smb_remcom_pipe_open15 smb_svcctl_pipe_open15 smb_remcom_named_pipe_communication1

$ sikker related 103.83.11.138

🇮🇳·More threats fromIndia→AS·More threats fromDevdarpan Broadband Pvt. Ltd.→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.83.9.146	23%	3
103.83.9.197	13%	2
103.83.9.205	14%	3
103.83.9.206	23%	2
103.83.9.192	23%	1

IP Address	Confidence	Events
103.156.237.37	62%	1,075
122.186.174.35	44%	222
122.187.230.154	46%	285
103.212.139.14	30%	115
27.123.102.122	55%	558