Check an IP Address, Domain Name, Subnet, or ASN

168.149.102.85 was found in our database!

$ whois 168.149.102.85

country·🇸🇦 Saudi Arabia

city·Makkah

isp·Saudi Telecom Company JSC

asn·AS25019

network·Standard

$ sikker risk 168.149.102.85scoring →

confidence

86%Very High

first_seen·Apr 8, 2026

last_seen·10d ago

sessions·66

events·66

$ sikker protocols 168.149.102.85

MSSQL

54 / 54

SMB

12 / 12

$ sikker summary 168.149.102.85

168.149.102.85 has a threat confidence score of 86%. This IP address from Saudi Arabia (AS25019, Saudi Telecom Company JSC) has been observed in 66 honeypot sessions targeting MSSQL, SMB protocols. First observed on April 8, 2026, most recently active April 8, 2026.

$ sikker behaviors 168.149.102.85catalog →

mediumSmb Svcctl Pipe Access6x

Composite behavior identifying SMB access to the IPC$ share followed by opening of the SVCCTL named pipe. This pattern indicates interaction with the Windows Service Control Manager over SMB and is commonly observed during remote service enumeration, service manipulation, or preparation for remote service-based execution.

$ sikker primitives 168.149.102.85

smb_ipc_share_access6 smb_svcctl_pipe_open6

$ sikker related 168.149.102.85

🇸🇦·More threats fromSaudi Arabia→AS·More threats fromSaudi Telecom Company JSC→MSSQ·More threats targetingMSSQL→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
2.88.4.208	30%	2
5.163.113.25	23%	1
207.178.64.207	30%	2
188.49.123.64	68%	2
5.163.179.209	45%	10

IP Address	Confidence	Events
8.213.50.61	93%	740
8.213.43.107	94%	589
5.110.24.217	27%	33
80.253.182.92	76%	20
151.255.3.26	39%	4