Check an IP Address, Domain Name, Subnet, or ASN

101.36.123.67 was found in our database!

$ whois 101.36.123.67

country·🇭🇰 Hong Kong

city·Hong Kong

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 101.36.123.67scoring →

confidence

87%Very High

first_seen·Jan 23, 2026

last_seen·1h ago

sessions·196

events·263

$ sikker protocols 101.36.123.67

HTTPS

103 / 134

HTTP

55 / 83

SMTP

6 / 11

RDP

9 / 9

SSH

6 / 9

FTP

6 / 6

SIP

6 / 6

IMAP

4 / 4

ELASTICSEARCH

1 / 1

$ sikker summary 101.36.123.67

101.36.123.67 has a threat confidence score of 87%. This IP address from Hong Kong (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 196 honeypot sessions targeting HTTPS, HTTP, SMTP, RDP, SSH and 4 other protocols. First observed on January 23, 2026, most recently active April 19, 2026.

$ sikker behaviors 101.36.123.67catalog →

mediumSip Request Uri Sip Nm2x

SIP request using sip:nm as the Request-URI, a malformed or placeholder target commonly observed in SIP scanning and fuzzing activity rather than legitimate client behavior.

infoHttp Root Path Request5x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Http Method Get4x

HTTP request using GET method.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Fetch Robots Txt1x

HTTP GET request to /robots.txt.

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 101.36.123.67

http_method_get7 smtp_ehlo_greeting7 smtp_quit_session_termination6 elastic_http_get_request4 ftp_set_utf82 ftp_user_probe2 https_path_root2 ftp_help_request2 ftp_session_quit2 ftp_set_binary_mode2 ftp_password_attempt2 sip_request_uri_sip_nm2 ftp_system_type_request2 ftp_feature_list_request2 ftp_enter_extended_passive_mode2 http_path_bad_request1 elastic_root_path_probe1 https_favicon_ico_request1 ftp_machine_list_directory1 http_robots_txt_path_probe1

$ sikker related 101.36.123.67

🇭🇰·More threats fromHong Kong→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→SMTP·More threats targetingSMTP→RDP·More threats targetingRDP→SSH·More threats targetingSSH→FTP·More threats targetingFTP→SIP·More threats targetingSIP→IMAP·More threats targetingIMAP→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.154.60.204	75%	7
118.193.57.59	91%	200
165.154.120.211	93%	572
103.14.33.89	95%	1,286
152.32.247.233	96%	4,640

IP Address	Confidence	Events
103.52.153.51	96%	1,045
152.32.131.224	64%	4
47.86.190.58	46%	7
42.200.156.165	95%	969
154.64.250.144	96%	2,480