Check an IP Address, Domain Name, Subnet, or ASN

183.144.95.164 was found in our database!

$ whois 183.144.95.164

country·🇨🇳 China

isp·Chinanet

asn·AS4134

network·Standard

$ sikker risk 183.144.95.164scoring →

confidence

88%Very High

first_seen·Mar 16, 2026

last_seen·1m ago

sessions·120

events·120

$ sikker protocols 183.144.95.164

SMB

120 / 120

$ sikker summary 183.144.95.164

183.144.95.164 has a threat confidence score of 88%. This IP address from China (AS4134, Chinanet) has been observed in 120 honeypot sessions targeting SMB protocols. Detected attack patterns include smb remote service stager via mshta. First observed on March 16, 2026, most recently active March 16, 2026.

$ sikker behaviors 183.144.95.164catalog →

highSmb Remote Service Stager Via Mshta2x

Composite behavior indicating remote lateral movement over SMB followed by service-based execution of a staged payload delivered through mshta invoking msiexec from remote infrastructure. The sequence combines IPC$ share access, SAMR and SVCCTL RPC binding, service control pipe interaction, and remote command execution consistent with administrative service creation or modification to execute a downloaded installer. This pattern is strongly associated with hands-on-keyboard intrusion activity and automated lateral propagation frameworks leveraging Windows service execution for payload deployment.

$ sikker primitives 183.144.95.164

smb_svcctl_rpc_bind10 smb_root_read2 smb_samr_rpc_bind2 smb_ipc_share_access2 smb_svcctl_pipe_open2 mshta_vbscript_msiexec_fetch2

$ sikker related 183.144.95.164

🇨🇳·More threats fromChina→AS·More threats fromChinanet→SMB·More threats targetingSMB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
180.101.148.94	100%	98
49.88.156.34	99%	5,219
110.80.136.248	49%	19
218.87.21.146	50%	348
183.66.149.42	100%	499

IP Address	Confidence	Events
60.205.184.249	85%	52,800
180.101.148.94	100%	98
47.93.97.12	70%	745
49.88.156.34	99%	5,219
14.103.117.105	100%	976