Check an IP Address, Domain Name, Subnet, or ASN

109.165.164.4 was found in our database!

$ whois 109.165.164.4

country·🇧🇦 Bosnia and Herzegovina

city·Prijedor

isp·Telekomunikacije Republike Srpske akcionarsko drustvo Banja Luka

asn·AS25144

network·Standard

$ sikker risk 109.165.164.4scoring →

confidence

79%High

first_seen·Mar 19, 2026

last_seen·1d ago

sessions·7

events·7

$ sikker protocols 109.165.164.4

SMB

7 / 7

$ sikker summary 109.165.164.4

109.165.164.4 has a threat confidence score of 79%. This IP address from Bosnia and Herzegovina (AS25144, Telekomunikacije Republike Srpske akcionarsko drustvo Banja Luka) has been observed in 7 honeypot sessions targeting SMB protocols. Detected attack patterns include remcom remote execution. First observed on March 19, 2026, most recently active March 19, 2026.

$ sikker behaviors 109.165.164.4catalog →

highRemcom Remote Execution3x

Sequential SMB session opening IPC$, accessing the svcctl pipe, issuing an RPC call, then opening the RemCom_communicaton pipe. Indicates remote service-based command execution.

$ sikker primitives 109.165.164.4

smb_empty_rpc_call3 smb_ipc_share_access3 smb_remcom_pipe_open3 smb_svcctl_pipe_open3

$ sikker related 109.165.164.4

🇧🇦·More threats fromBosnia and Herzegovina→AS·More threats fromTelekomunikacije Republike Srpske akcionarsko drustvo Banja Luka→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
109.165.134.116	78%	11
109.165.160.118	92%	20
45.131.118.206	19%	41
109.165.162.213	82%	8
109.165.166.25	82%	8

IP Address	Confidence	Events
109.165.160.118	94%	24
109.165.134.116	78%	11
77.78.203.131	21%	37
45.131.118.206	19%	41
98.159.36.152	49%	4