Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
47.238.87.167 has a threat confidence score of 90%. This IP address from Hong Kong (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 159 honeypot sessions targeting HTTPS, SMB, HTTP, RTSP, SIP and 11 other protocols. First observed on March 9, 2026, most recently active April 29, 2026.
Client performs a full RTSP interaction sequence — OPTIONS, DESCRIBE, SETUP, and PLAY — indicating an attempt to initialize and access a media stream. This pattern reflects active interaction with a streaming service rather than simple probing, and is commonly seen when automated tools or unauthorized clients try to view exposed camera or RTSP feeds.
Client performs a full RTSP interaction sequence — OPTIONS, DESCRIBE, SETUP, and PLAY — indicating an attempt to initialize and access a media stream. This pattern reflects active interaction with a streaming service rather than simple probing, and is commonly seen when automated tools or unauthorized clients try to view exposed camera or RTSP feeds.
Enumerates MongoDB server metadata and storage characteristics across multiple databases by issuing commands such as buildInfo, serverStatus, hostInfo, features, and isMaster, followed by systematic dbStats and collStats queries against common databases including admin, config, local, test, and production. This behavior reflects structured reconnaissance intended to map server capabilities, deployment topology, and data footprint prior to potential follow-on actions.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.
HTTP request using GET method.