Check an IP Address, Domain Name, Subnet, or ASN

111.170.152.113 was found in our database!

$ whois 111.170.152.113

country·🇨🇳 China

isp·China Telecom

asn·AS151185

network·Standard

$ sikker risk 111.170.152.113scoring →

confidence

73%High

first_seen·Mar 11, 2026

last_seen·7d ago

sessions·19

events·19

$ sikker protocols 111.170.152.113

RDP

19 / 19

$ sikker summary 111.170.152.113

111.170.152.113 has a threat confidence score of 73%. This IP address from China (AS151185, China Telecom) has been observed in 19 honeypot sessions targeting RDP protocols. First observed on March 11, 2026, most recently active April 12, 2026.

$ sikker behaviors 111.170.152.113catalog →

mediumRdp Legacy Plaintext Authentication Attempt14x

Identifies RDP clients attempting authentication using the legacy RDP security mode where credentials are exchanged through the older RDP security layer instead of Network Level Authentication (NLA). This indicates the client negotiated legacy plaintext authentication during the RDP security handshake

$ sikker primitives 111.170.152.113

rdp_legacy_plaintext_authenthication14

$ sikker related 111.170.152.113

🇨🇳·More threats fromChina→AS·More threats fromChina Telecom→RDP·More threats targetingRDP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
111.170.153.236	100%	211
61.184.21.192	23%	1
111.170.35.22	67%	3
111.170.27.102	42%	5
111.170.34.11	48%	11

IP Address	Confidence	Events
221.14.219.220	79%	93
1.192.212.177	76%	3,280
219.151.181.193	93%	223
14.103.109.71	100%	881
120.48.115.34	76%	87