Check an IP Address, Domain Name, Subnet, or ASN

176.53.162.45 was found in our database!

$ whois 176.53.162.45

country·🇷🇺 Russia

city·St Petersburg

isp·Jsc timeweb

asn·AS9123

network·Standard

$ sikker risk 176.53.162.45scoring →

confidence

65%High

first_seen·Mar 27, 2026

last_seen·1h ago

sessions·5

events·5

$ sikker protocols 176.53.162.45

HTTP

2 / 2

HTTPS

2 / 2

ELASTICSEARCH

1 / 1

$ sikker summary 176.53.162.45

176.53.162.45 has a threat confidence score of 65%. This IP address from Russia (AS9123, Jsc timeweb) has been observed in 5 honeypot sessions targeting HTTP, HTTPS, ELASTICSEARCH protocols. First observed on March 27, 2026, most recently active March 27, 2026.

$ sikker behaviors 176.53.162.45catalog →

lowElastic Service Validation And Index Enumeration1x

Client first performs a generic request to the Elasticsearch root endpoint to verify service availability, then proceeds to request /_cat/indices. This sequence reflects staged Elasticsearch reconnaissance where the actor validates that the cluster is reachable before attempting index enumeration and data exposure assessment. Compared to direct index enumeration behaviors, the interaction begins with a service-validation step, suggesting adaptive probing rather than immediate Elasticsearch-specific targeting.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 176.53.162.45

elastic_http_get_request3 elastic_root_path_probe2 http_method_get1 https_path_root1 elastic_cat_indices_enumeration1

$ sikker related 176.53.162.45

🇷🇺·More threats fromRussia→AS·More threats fromJsc timeweb→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
5.42.113.253	99%	153
147.45.163.144	75%	3
91.210.170.92	94%	18
188.225.82.118	94%	24
193.164.150.245	93%	23

IP Address	Confidence	Events
82.162.245.26	100%	180
80.66.66.10	63%	91
94.243.4.24	50%	622
213.177.100.74	38%	248
2.63.211.145	79%	20,740