Check an IP Address, Domain Name, Subnet, or ASN

118.194.234.29 was found in our database!

$ whois 118.194.234.29

country·🇸🇬 Singapore

city·Singapore

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 118.194.234.29scoring →

confidence

83%Very High

first_seen·Mar 10, 2026

last_seen·1h ago

sessions·57

events·57

$ sikker protocols 118.194.234.29

HTTPS

19 / 19

SMTP

14 / 14

SIP

8 / 8

RTSP

6 / 6

FTP

5 / 5

TELNET

4 / 4

MYSQL

1 / 1

$ sikker summary 118.194.234.29

118.194.234.29 has a threat confidence score of 83%. This IP address from Singapore (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 57 honeypot sessions targeting HTTPS, SMTP, SIP, RTSP, FTP and 2 other protocols. First observed on March 10, 2026, most recently active March 23, 2026.

$ sikker behaviors 118.194.234.29catalog →

mediumFtp Financial Partner Directory Enumeration1x

FTP session where the client authenticates and performs repeated passive-mode directory listings while navigating directly into finance, HR, partner, vendor, and release paths such as /data/finance, /data/hr, /partners, and /pub/*, indicating targeted discovery of business-sensitive storage locations.

lowMysql Schema Discovery Bot1x

Automated reconnaissance behavior that performs a basic enumeration of accessible MySQL databases to identify available schemas and infer hosted applications or data presence. Often used as an initial validation step to confirm database access and assess whether further enumeration or extraction is worthwhile.

infoFtp Tls Upgrade1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 118.194.234.29

ftp_list_directory21 ftp_set_ascii_mode21 ftp_enter_passive_mode21 ftp_change_working_directory20 ftp_user_probe2 empty_ftp_command2 ftp_auth_tls1 https_path_root1 ftp_help_request1 smtp_ehlo_greeting1 ftp_password_attempt1 mysql_show_databases1 https_path_config_json1 ftp_change_directory_etc1 ftp_feature_list_request1 ftp_change_directory_data1 ftp_change_directory_backups1 ftp_change_directory_configs1 ftp_change_directory_data_hr1 ftp_change_directory_partners1

$ sikker related 118.194.234.29

🇸🇬·More threats fromSingapore→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→SMTP·More threats targetingSMTP→SIP·More threats targetingSIP→RTSP·More threats targetingRTSP→FTP·More threats targetingFTP→TELN·More threats targetingTELNET→MYSQ·More threats targetingMYSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
152.32.250.188	100%	323
118.193.33.71	90%	23
103.210.21.13	96%	2,279
165.154.2.235	97%	3,865
165.154.105.128	100%	698

IP Address	Confidence	Events
103.141.235.46	97%	1,721
152.42.232.32	88%	376
43.128.66.191	96%	2,231
43.156.94.136	96%	2,259
8.216.133.44	97%	2,775