Check an IP Address, Domain Name, Subnet, or ASN

5.187.97.40 was found in our database!

$ whois 5.187.97.40

country·🇬🇵 Guadeloupe

city·Les Abymes

isp·Canal + Telecom SAS

asn·AS21351

network·Standard

$ sikker risk 5.187.97.40scoring →

confidence

99%Very High

first_seen·Jan 27, 2026

last_seen·16d ago

first_reported·Mar 16, 2026

last_reported·22d ago

sessions·63

events·303

reports·2

$ sikker protocols 5.187.97.40

SSH

63 / 303 / 2r

$ sikker summary 5.187.97.40

5.187.97.40 has a threat confidence score of 99%. This IP address from Guadeloupe (AS21351, Canal + Telecom SAS) has been observed in 63 honeypot sessions and reported 2 times targeting SSH protocols. Detected attack patterns include ssh routeros cloud probe and telegram sms artifact discovery. First observed on January 27, 2026, most recently active April 23, 2026.

$ sikker behaviors 5.187.97.40catalog →

highSsh Routeros Cloud Probe And Telegram Sms Artifact Discovery23x

SSH post-auth sequence running RouterOS cloud/DDNS commands, Telegram data path checks, GSM/SMS artifact searches, and miner process lookups (`ps | grep miner`), preceded by basic system enumeration.

$ sikker primitives 5.187.97.40

ssh_routeros_ip_cloud_print_probe46 ssh_uname_all23 ssh_cat_proc_cpuinfo23 ssh_ps_ef_grep_miner_bracket_case23 ssh_ifconfig_interface_enumeration23 ssh_routeros_user_set_password_id023 ssh_echo_hi_pipe_cat_numbering_test23 ssh_locate_telegram_tdata_identifier23 ssh_routeros_interface_lte_print_probe23 ssh_routeros_ip_cloud_set_ddns_enabled23 ssh_ps_pipe_grep_miner_case_insensitive23 ssh_ls_telegram_tdata_and_gsm_sms_artifacts23

$ sikker reports 5.187.97.40submit →

Showing 2 of 2 reports from 2 contributors

Reporter	Date	Category	Protocol	Comment
Anonymous	Apr 18, 2026, 20:07	Brute Force	SSH	—
User	Mar 16, 2026, 12:06	Brute Force	SSH	SikkerGuard: 2 blocked packets

$ sikker related 5.187.97.40

🇬🇵·More threats fromGuadeloupe→AS·More threats fromCanal + Telecom SAS→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
89.16.16.241	58%	10
93.176.31.98	66%	5