Check an IP Address, Domain Name, Subnet, or ASN

3.92.182.111 was found in our database!

$ whois 3.92.182.111

country·🇺🇸 United States

city·Ashburn

isp·Amazon.com, Inc.

asn·AS14618

network·Standard

$ sikker risk 3.92.182.111scoring →

confidence

77%High

first_seen·Mar 13, 2026

last_seen·1h ago

first_reported·Mar 17, 2026

last_reported·6d ago

sessions·25

events·25

reports·1

$ sikker protocols 3.92.182.111

HTTPS

9 / 9

FTP

5 / 5

HTTP

4 / 4

RDP

3 / 3

ELASTICSEARCH

3 / 3

SSH

1 / 1

DOCKER

0 / 0 / 1r

$ sikker summary 3.92.182.111

3.92.182.111 has a threat confidence score of 77%. This IP address from United States (AS14618, Amazon.com, Inc.) has been observed in 25 honeypot sessions and reported 1 times targeting HTTPS, FTP, HTTP, RDP, ELASTICSEARCH and 2 other protocols. First observed on March 13, 2026, most recently active March 24, 2026.

$ sikker behaviors 3.92.182.111catalog →

infoFtp Tls Upgrade5x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttp Root Path Request4x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request3x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 3.92.182.111

ftp_auth_tls5 http_method_get4 https_path_root3 elastic_http_get_request3 elastic_http_bad_request_path_probe3

$ sikker reports 3.92.182.111submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 17, 2026, 18:39	Brute Force	DOCKER	SikkerGuard: 6 blocked packets

$ sikker related 3.92.182.111

🇺🇸·More threats fromUnited States→AS·More threats fromAmazon.com, Inc.→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→HTTP·More threats targetingHTTP→RDP·More threats targetingRDP→ELAS·More threats targetingELASTICSEARCH→SSH·More threats targetingSSH→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
52.90.76.255	54%	21
18.212.227.85	58%	21
54.226.154.2	49%	15
13.220.49.234	56%	24
52.87.177.107	57%	16

IP Address	Confidence	Events
181.215.65.49	85%	4,908
45.61.184.223	98%	3,458
66.132.195.98	88%	31
92.118.39.63	100%	53,683
66.132.186.170	60%	7