Check an IP Address, Domain Name, Subnet, or ASN

61.152.89.39 was found in our database!

$ whois 61.152.89.39

country·🇨🇳 China

isp·China Telecom Group

asn·AS4812

network·Standard

$ sikker risk 61.152.89.39scoring →

confidence

76%High

first_seen·Mar 11, 2026

last_seen·2h ago

sessions·37

events·37

$ sikker protocols 61.152.89.39

SMB

19 / 19

MSSQL

18 / 18

$ sikker summary 61.152.89.39

61.152.89.39 has a threat confidence score of 76%. This IP address from China (AS4812, China Telecom Group) has been observed in 37 honeypot sessions targeting SMB, MSSQL protocols. Detected attack patterns include smb remcom stdout pipe access. First observed on March 11, 2026, most recently active March 21, 2026.

$ sikker behaviors 61.152.89.39catalog →

highSmb Remcom Stdout Pipe Access3x

SMB session accessing a RemCom_stdout* named pipe following IPC$ share access, indicating interaction with a RemCom-style remote command execution channel.

$ sikker primitives 61.152.89.39

smb_empty_rpc_call3 smb_ipc_share_access3 smb_file_create_remcom_std3

$ sikker related 61.152.89.39

🇨🇳·More threats fromChina→AS·More threats fromChina Telecom Group→SMB·More threats targetingSMB→MSSQ·More threats targetingMSSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
61.129.87.91	33%	144
116.229.120.92	39%	4
180.168.24.186	100%	814
180.159.66.197	15%	7
218.82.108.4	35%	3

IP Address	Confidence	Events
117.71.53.210	49%	335
39.105.218.26	80%	15,416
49.85.224.136	95%	116
121.227.153.106	59%	843
115.190.245.95	96%	1,603