Check an IP Address, Domain Name, Subnet, or ASN

109.164.3.101 was found in our database!

$ whois 109.164.3.101

country·🇨🇿 Czechia

city·Prague

isp·STARNET, s.r.o.

asn·AS44489

network·Standard

$ sikker risk 109.164.3.101scoring →

confidence

87%Very High

first_seen·Feb 25, 2026

last_seen·1h ago

sessions·32

events·32

$ sikker protocols 109.164.3.101

SIP

32 / 32

$ sikker summary 109.164.3.101

109.164.3.101 has a threat confidence score of 87%. This IP address from Czechia (AS44489, STARNET, s.r.o.) has been observed in 32 honeypot sessions targeting SIP protocols. First observed on February 25, 2026, most recently active March 18, 2026.

$ sikker behaviors 109.164.3.101catalog →

mediumSip Invite Direct Call Attempt Structured32x

Automated SIP INVITE requests initiating direct call setup toward a numeric extension, indicating scripted VoIP interaction rather than passive capability probing. The client attempts to establish a call session (e.g., extension-to-extension dialing such as 100 → 100) using high-entropy Call-ID values, a pattern frequently associated with automated dialers, toll-fraud reconnaissance, or PBX abuse tooling. These interactions validate whether the endpoint accepts call initiation and may precede brute-force registration attempts, relay abuse, or fraudulent outbound call campaigns.

$ sikker primitives 109.164.3.101

sip_invite_request32 sip_call_id_long_numeric32 sip_call_id_alphanumeric_entropy32

$ sikker related 109.164.3.101

🇨🇿·More threats fromCzechia→AS·More threats fromSTARNET, s.r.o.→SIP·More threats targetingSIP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
78.44.192.210	100%	544
90.180.197.128	100%	656
45.39.20.121	23%	1
104.253.81.195	23%	1
172.71.15.116	2%	2