Check an IP Address, Domain Name, Subnet, or ASN

101.47.20.210 was found in our database!

$ whois 101.47.20.210

country·🇸🇬 Singapore

city·Singapore

isp·Byteplus Pte. Ltd.

asn·AS150436

network·Standard

$ sikker risk 101.47.20.210scoring →

confidence

92%Very High

first_seen·Mar 22, 2026

last_seen·2h ago

sessions·19

events·19

$ sikker protocols 101.47.20.210

SSH

19 / 19

$ sikker summary 101.47.20.210

101.47.20.210 has a threat confidence score of 92%. This IP address from Singapore (AS150436, Byteplus Pte. Ltd.) has been observed in 19 honeypot sessions targeting SSH protocols. Detected attack patterns include ssh authorized keys persistence established. First observed on March 22, 2026, most recently active April 18, 2026.

$ sikker behaviors 101.47.20.210catalog →

very_highSsh Authorized Keys Persistence Established5x

Removal of filesystem attribute protections from the user’s .ssh directory followed by deletion and recreation of the directory and insertion of a new public key into authorized_keys. This pattern reflects deliberate modification of SSH trust configuration to establish persistent key-based access.

mediumSsh Uname Kernel And Architecture Discovery2x

Identifies SSH session activity where the attacker executes uname -s -m to retrieve the operating system name and machine architecture for host fingerprinting and payload targeting.

$ sikker primitives 101.47.20.210

ssh_authorized_keys_replacement_home5 unix_home_ssh_directory_attribute_modification_attempt5 ssh_uname_kernel_and_arch2

$ sikker related 101.47.20.210

🇸🇬·More threats fromSingapore→AS·More threats fromByteplus Pte. Ltd.→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
101.47.159.50	100%	102
150.5.169.138	100%	1,101
101.47.8.188	100%	363
101.47.8.187	100%	103
163.7.4.169	97%	39

IP Address	Confidence	Events
43.160.245.106	100%	4,320
46.250.232.3	95%	2,186
103.1.64.36	100%	102
54.151.176.0	85%	10,822
47.84.110.105	21%	3