Check an IP Address, Domain Name, Subnet, or ASN

123.58.213.20 was found in our database!

$ whois 123.58.213.20

country·🇭🇰 Hong Kong

city·Hong Kong

isp·UCLOUD INFORMATION TECHNOLOGY HK LIMITED

asn·AS135377

network·Standard

$ sikker risk 123.58.213.20scoring →

confidence

75%High

first_seen·Jan 21, 2026

last_seen·1h ago

sessions·103

events·147

$ sikker protocols 123.58.213.20

HTTPS

51 / 70

FTP

6 / 20

HTTP

12 / 17

RTSP

6 / 12

RDP

9 / 9

SSH

9 / 9

SIP

6 / 6

IMAP

2 / 2

SMTP

2 / 2

$ sikker summary 123.58.213.20

123.58.213.20 has a threat confidence score of 75%. This IP address from Hong Kong (AS135377, UCLOUD INFORMATION TECHNOLOGY HK LIMITED) has been observed in 103 honeypot sessions targeting HTTPS, FTP, HTTP, RTSP, RDP and 4 other protocols. First observed on January 21, 2026, most recently active March 21, 2026.

$ sikker behaviors 123.58.213.20catalog →

lowRtsp Stream Enumeration2x

Client requests RTSP OPTIONS followed by DESCRIBE to query supported methods and retrieve stream metadata, but does not proceed to session setup or playback. This pattern is commonly associated with automated scanning or reconnaissance activity checking for exposed cameras or media services.

infoHttps Root Path Request3x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe2x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 123.58.213.20

http_method_get3 https_path_root3 ftp_session_quit3 ftp_set_utf82 rtsp_options2 rtsp_describe2 ftp_user_probe2 ftp_set_binary_mode2 ftp_password_attempt2 http_path_bad_request2 ftp_feature_list_request2 ftp_machine_list_directory2 ftp_enter_extended_passive_mode2 imap_logout1 ftp_help_request1 smtp_ehlo_greeting1 imap_capability_probe1 ftp_system_type_request1 smtp_quit_session_termination1

$ sikker related 123.58.213.20

🇭🇰·More threats fromHong Kong→AS·More threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→HTTP·More threats targetingHTTP→RTSP·More threats targetingRTSP→RDP·More threats targetingRDP→SSH·More threats targetingSSH→SIP·More threats targetingSIP→IMAP·More threats targetingIMAP→SMTP·More threats targetingSMTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.154.4.51	95%	922
123.58.212.9	97%	2,164
103.210.21.35	94%	352
165.154.2.235	97%	2,154
165.154.1.39	95%	749

IP Address	Confidence	Events
123.58.212.9	97%	2,162
172.110.223.68	97%	1,098
124.156.173.6	97%	893
124.156.160.12	96%	2,525
154.23.133.68	93%	251