Check an IP Address, Domain Name, Subnet, or ASN

182.138.158.219 was found in our database!

$ whois 182.138.158.219

country·🇨🇳 China

city·Chengdu

isp·Chinanet

asn·AS4134

network·Standard

$ sikker risk 182.138.158.219scoring →

confidence

40%Medium

first_seen·Feb 23, 2026

last_seen·1h ago

sessions·4

events·4

$ sikker protocols 182.138.158.219

SSH

1 / 1

HTTPS

1 / 1

REDIS

1 / 1

MONGODB

1 / 1

$ sikker summary 182.138.158.219

182.138.158.219 has a threat confidence score of 40%. This IP address from China (AS4134, Chinanet) has been observed in 4 honeypot sessions targeting SSH, HTTPS, REDIS, MONGODB protocols. First observed on February 23, 2026, most recently active March 26, 2026.

$ sikker behaviors 182.138.158.219catalog →

mediumMongodb Version Fingerprinting Reconnaissance1x

Remote client performs MongoDB service validation and environment fingerprinting by first initiating a wire-protocol handshake (ismaster / hello) followed by execution of the buildInfo command against the admin database. This sequence indicates targeted reconnaissance to determine server role, software version, build characteristics, and platform details. Such activity is commonly associated with automated scanning frameworks and pre-exploitation tooling used to assess exposure and identify version-specific vulnerabilities prior to authentication attempts or database enumeration

$ sikker primitives 182.138.158.219

mongodb_ismaster1 mongodb_buildinfo_admin_command1

$ sikker related 182.138.158.219

🇨🇳·More threats fromChina→AS·More threats fromChinanet→SSH·More threats targetingSSH→HTTP·More threats targetingHTTPS→REDI·More threats targetingREDIS→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
122.237.59.213	93%	579
221.229.42.98	23%	1
59.37.42.26	64%	2,499
60.172.44.191	12%	4
120.33.126.224	89%	231

IP Address	Confidence	Events
47.105.86.190	83%	38,249
123.138.237.220	93%	23
14.103.114.234	100%	632
112.46.213.171	74%	6
112.123.59.226	33%	2