Check an IP Address, Domain Name, Subnet, or ASN

194.187.176.148 was found in our database!

$ whois 194.187.176.148

country·🇩🇪 Germany

city·Berlin

isp·Alpha Strike Labs GmbH

asn·AS208843

network·Standard

$ sikker risk 194.187.176.148scoring →

confidence

58%Medium

first_seen·Jan 26, 2026

last_seen·2h ago

sessions·8

events·10

$ sikker protocols 194.187.176.148

HTTP

1 / 3

RDP

1 / 1

SMB

1 / 1

SSH

1 / 1

IMAP

1 / 1

SMTP

1 / 1

HTTPS

1 / 1

MONGODB

1 / 1

$ sikker summary 194.187.176.148

194.187.176.148 has a threat confidence score of 58%. This IP address from Germany (AS208843, Alpha Strike Labs GmbH) has been observed in 8 honeypot sessions targeting HTTP, RDP, SMB, SSH, IMAP and 3 other protocols. First observed on January 26, 2026, most recently active March 22, 2026.

$ sikker behaviors 194.187.176.148catalog →

mediumMongodb Version Fingerprinting Reconnaissance1x

Remote client performs MongoDB service validation and environment fingerprinting by first initiating a wire-protocol handshake (ismaster / hello) followed by execution of the buildInfo command against the admin database. This sequence indicates targeted reconnaissance to determine server role, software version, build characteristics, and platform details. Such activity is commonly associated with automated scanning frameworks and pre-exploitation tooling used to assess exposure and identify version-specific vulnerabilities prior to authentication attempts or database enumeration

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 194.187.176.148

http_method_get1 https_path_root1 mongodb_ismaster1 mongodb_buildinfo_admin_command1

$ sikker related 194.187.176.148

🇩🇪·More threats fromGermany→AS·More threats fromAlpha Strike Labs GmbH→HTTP·More threats targetingHTTP→RDP·More threats targetingRDP→SMB·More threats targetingSMB→SSH·More threats targetingSSH→IMAP·More threats targetingIMAP→SMTP·More threats targetingSMTP→HTTP·More threats targetingHTTPS→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
194.187.176.101	41%	14
194.187.176.22	27%	14
194.187.176.35	31%	16
194.187.176.225	41%	17
194.187.176.32	32%	16

IP Address	Confidence	Events
87.106.147.36	99%	200,509
176.65.139.76	42%	5
5.83.144.23	79%	768
89.163.204.62	88%	79,063
146.0.42.48	87%	62,204