Check an IP Address, Domain Name, Subnet, or ASN

47.242.39.51 was found in our database!

$ whois 47.242.39.51

country·🇭🇰 Hong Kong

city·Hong Kong

isp·Alibaba US Technology Co., Ltd.

asn·AS45102

network·Standard

$ sikker risk 47.242.39.51scoring →

confidence

84%Very High

first_seen·Jan 24, 2026

last_seen·1h ago

sessions·48

events·133

$ sikker protocols 47.242.39.51

TELNET

10 / 46

DOCKER

9 / 33

HTTPS

12 / 28

SSH

17 / 26

$ sikker summary 47.242.39.51

47.242.39.51 has a threat confidence score of 84%. This IP address from Hong Kong (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 48 honeypot sessions targeting TELNET, DOCKER, HTTPS, SSH protocols. Detected attack patterns include docker remote exec via api. First observed on January 24, 2026, most recently active March 23, 2026.

$ sikker behaviors 47.242.39.51catalog →

highDocker Remote Exec Via Api4x

Unauthenticated or externally triggered interaction with the Docker Engine HTTP API resulting in container enumeration (GET /containers/json) followed by multiple POST /containers/{id}/exec and /exec/{id}/start calls. This pattern strongly indicates remote command execution inside running containers through the Docker daemon. In honeypot telemetry this is typically associated with attackers abusing exposed Docker sockets (2375/2376) to gain execution, deploy payloads, or stage further compromise.

$ sikker primitives 47.242.39.51

docker_post_method18 docker_container_exec_path12 telnet_echo_hex_escape_sequence_output9 telnet_wget_sh_no_check_certificate_quiet_stdout_exec9 https_php_ini_directive_injection_allow_url_include_auto_prepend_file9 docker_get_method8 telnet_command_sh8 telnet_command_shell8 telnet_command_system8 docker_list_containers_endpoint8 docker_exec_start_endpoint6 https_cgi_bin_percent_encoded_directory_traversal_bin_sh6 https_path_root4 https_body_wget_curl_pipe_to_sh_apache_selfrep3 ssh_password_authenthication.2 https_phpunit_eval_stdin_rce_probe2

$ sikker related 47.242.39.51

🇭🇰·More threats fromHong Kong→AS·More threats fromAlibaba US Technology Co., Ltd.→TELN·More threats targetingTELNET→DOCK·More threats targetingDOCKER→HTTP·More threats targetingHTTPS→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
47.76.127.147	82%	20,413
47.239.17.212	84%	1,483
47.242.168.173	100%	583
8.210.28.151	88%	144,349
47.74.19.210	23%	1

IP Address	Confidence	Events
47.76.127.147	82%	20,413
47.239.17.212	84%	1,483
172.110.223.64	98%	11,453
103.149.27.208	100%	770
47.242.168.173	100%	583