Check an IP Address, Domain Name, Subnet, or ASN

118.193.56.171 was found in our database!

$ whois 118.193.56.171

country·🇹🇭 Thailand

city·Bangkok

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 118.193.56.171scoring →

confidence

89%Very High

first_seen·Feb 1, 2026

last_seen·1h ago

sessions·337

events·426

$ sikker protocols 118.193.56.171

HTTPS

137 / 137

SMTP

45 / 115

IMAP

37 / 37

POSTGRES

23 / 25

MSSQL

23 / 23

SIP

8 / 22

FTP

21 / 21

HTTP

15 / 15

MONGODB

9 / 9

SSH

8 / 8

TELNET

8 / 8

MYSQL

1 / 4

ELASTICSEARCH

2 / 2

$ sikker summary 118.193.56.171

118.193.56.171 has a threat confidence score of 89%. This IP address from Thailand (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 337 honeypot sessions targeting HTTPS, SMTP, IMAP, POSTGRES, MSSQL and 8 other protocols. First observed on February 1, 2026, most recently active April 24, 2026.

$ sikker behaviors 118.193.56.171catalog →

mediumFtp Authenticated Session Establishment2x

FTP session where a client probes for valid usernames, attempts authentication, switches to ASCII mode, and enters passive mode without performing explicit file listing or transfer operations. This reflects a completed login and session setup sequence, often observed during credential validation or preparatory access prior to further activity.

lowMysql Schema Discovery Bot1x

Automated reconnaissance behavior that performs a basic enumeration of accessible MySQL databases to identify available schemas and infer hosted applications or data presence. Often used as an initial validation step to confirm database access and assess whether further enumeration or extraction is worthwhile.

infoHttps Path Robots Txt7x

HTTPS request to /robots.txt.

infoFtp Tls Upgrade1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttp Fetch Robots Txt1x

HTTP GET request to /robots.txt.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 118.193.56.171

elastic_root_path_probe50 elastic_http_get_request18 empty_ftp_command14 smtp_ehlo_greeting7 https_path_robots_txt7 smtp_starttls_upgrade_request5 ftp_user_probe4 elastic_cat_indices_enumeration4 ftp_auth_tls2 ftp_help_request2 ftp_set_ascii_mode2 ftp_password_attempt2 ftp_enter_passive_mode2 ftp_feature_list_request2 elastic_http_favicon_path_probe2 elastic_http_bad_request_path_probe2 http_method_get1 mysql_show_databases1 http_robots_txt_path_probe1 mongodb_serverstatus_float_command1

$ sikker related 118.193.56.171

Report IP WHOIS Lookup →

IP Address	Confidence	Events
152.32.247.233	96%	5,984
123.58.200.244	95%	357
152.32.175.158	96%	264
123.58.212.9	96%	7,856
152.32.174.67	100%	435

IP Address	Confidence	Events
152.32.247.233	96%	5,984
119.110.238.34	30%	2
165.154.120.211	93%	738
165.101.64.90	95%	3,229
165.154.120.77	94%	1,086