Check an IP Address, Domain Name, Subnet, or ASN

198.38.86.237 was found in our database!

$ whois 198.38.86.237

country·🇮🇳 India

city·Navi Mumbai

isp·WHG Hosting Services Ltd

asn·AS199404

network·Standard

$ sikker risk 198.38.86.237scoring →

confidence

78%High

first_seen·Mar 9, 2026

last_seen·6d ago

sessions·24

events·24

$ sikker protocols 198.38.86.237

POSTGRES

24 / 24

$ sikker summary 198.38.86.237

198.38.86.237 has a threat confidence score of 78%. This IP address from India (AS199404, WHG Hosting Services Ltd) has been observed in 24 honeypot sessions targeting POSTGRES protocols. First observed on March 9, 2026, most recently active March 14, 2026.

$ sikker behaviors 198.38.86.237catalog →

mediumPostgres Environment Fingerprint With Stmtcache Probe9x

Identifies a PostgreSQL reconnaissance sequence where an actor first issues a comment-based parser probe, then interacts using a deterministic statement-cache prepared statement identifier, followed by enumeration of the current database encoding and locale settings via pg_catalog.pg_database. This pattern reflects automated client or adversarial tooling performing environment fingerprinting to assess query parsing behavior, driver compatibility, and database configuration prior to further interaction or exploitation attempts.

$ sikker primitives 198.38.86.237

postgres_ping_comment_marker18 postgres_select_pg_database_encoding_locale18 postgres_prepared_statement_stmtcache_d5e798036d936623055430b36bb1d1608079a2ce1c4c240518

$ sikker related 198.38.86.237

🇮🇳·More threats fromIndia→AS·More threats fromWHG Hosting Services Ltd→POST·More threats targetingPOSTGRES→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
198.38.85.159	23%	33
195.250.30.134	56%	1
103.118.17.229	32%	1
190.92.175.169	27%	1
195.250.31.127	84%	812

IP Address	Confidence	Events
122.168.194.41	100%	839
103.232.245.164	14%	14
103.21.55.206	55%	909
49.205.148.89	44%	6
103.232.113.6	22%	25