Check an IP Address, Domain Name, Subnet, or ASN

8.216.5.140 was found in our database!

$ whois 8.216.5.140

country·🇯🇵 Japan

city·Tokyo

isp·Alibaba US Technology Co., Ltd.

asn·AS45102

network·Standard

$ sikker risk 8.216.5.140scoring →

confidence

50%Medium

first_seen·Mar 10, 2026

last_seen·1h ago

sessions·4

events·4

$ sikker protocols 8.216.5.140

SMB

3 / 3

FTP

1 / 1

$ sikker summary 8.216.5.140

8.216.5.140 has a threat confidence score of 50%. This IP address from Japan (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 4 honeypot sessions targeting SMB, FTP protocols. Detected attack patterns include smb authenticated rpc service and account enumeration. First observed on March 10, 2026, most recently active April 26, 2026.

$ sikker behaviors 8.216.5.140catalog →

highSmb Authenticated Rpc Service And Account Enumeration1x

Identifies an SMB session where the IPC$ share is accessed and RPC bindings are established to the SAMR and SRVSVC interfaces via named pipes. The combination of IPC$ access, SAMR RPC binding (Security Account Manager Remote), and SRVSVC pipe interaction indicates authenticated enumeration of user accounts, groups, shares, or service information on a Windows host. This behavior reflects structured post-authentication reconnaissance against Windows systems rather than unauthenticated share scanning.

$ sikker primitives 8.216.5.140

smb_srvsvc_rpc_bind2 smb_rpc_srvsvc_interface_access2 smb_samr_rpc_bind1 smb_ipc_share_access1 smb_srvsvc_pipe_open1

$ sikker related 8.216.5.140

🇯🇵·More threats fromJapan→AS·More threats fromAlibaba US Technology Co., Ltd.→SMB·More threats targetingSMB→FTP·More threats targetingFTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
47.83.227.93	95%	1,290
47.76.235.206	96%	4,239
47.251.24.77	93%	242
8.222.225.103	98%	1,033
47.74.15.96	14%	7

IP Address	Confidence	Events
133.18.211.180	94%	1,490
113.158.205.225	33%	88
137.220.227.200	96%	8,154
118.194.229.85	96%	413
52.193.244.90	97%	6,394