Check an IP Address, Domain Name, Subnet, or ASN

42.48.38.170 was found in our database!

$ whois 42.48.38.170

country·🇨🇳 China

city·Changsha

isp·CHINA UNICOM China169 Backbone

asn·AS4837

network·Standard

$ sikker risk 42.48.38.170scoring →

confidence

35%Low

first_seen·Jan 31, 2026

last_seen·1h ago

sessions·4

events·6

$ sikker protocols 42.48.38.170

DOCKER

1 / 3

HTTP

1 / 1

HTTPS

1 / 1

REDIS

1 / 1

$ sikker summary 42.48.38.170

42.48.38.170 has a threat confidence score of 35%. This IP address from China (AS4837, CHINA UNICOM China169 Backbone) has been observed in 4 honeypot sessions targeting DOCKER, HTTP, HTTPS, REDIS protocols. First observed on January 31, 2026, most recently active April 2, 2026.

$ sikker behaviors 42.48.38.170catalog →

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoDocker Invalid Protocol Probe1x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

$ sikker primitives 42.48.38.170

docker_get_method3 docker_bad_request_uri3 http_method_get1

$ sikker related 42.48.38.170

🇨🇳·More threats fromChina→AS·More threats fromCHINA UNICOM China169 Backbone→DOCK·More threats targetingDOCKER→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→REDI·More threats targetingREDIS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
116.176.58.23	97%	25
153.101.132.65	100%	670
123.8.94.184	100%	25
121.29.4.79	97%	34
123.138.18.10	53%	961

IP Address	Confidence	Events
8.138.98.143	86%	3,191
36.104.147.6	100%	776
114.98.230.202	100%	858
112.46.214.7	88%	2,617
220.205.122.34	100%	779