Check an IP Address, Domain Name, Subnet, or ASN

157.0.0.10 was found in our database!

$ whois 157.0.0.10

country·🇨🇳 China

city·Nanjing

isp·CHINA UNICOM China169 Backbone

asn·AS4837

network·Standard

$ sikker risk 157.0.0.10scoring →

confidence

99%Very High

first_seen·Jan 21, 2026

last_seen·1h ago

first_reported·Feb 25, 2026

last_reported·2d ago

sessions·143

events·412

reports·23

$ sikker protocols 157.0.0.10

TELNET

143 / 412 / 23r

$ sikker summary 157.0.0.10

157.0.0.10 has a threat confidence score of 99%. This IP address from China (AS4837, CHINA UNICOM China169 Backbone) has been observed in 143 honeypot sessions and reported 23 times targeting TELNET protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on January 21, 2026, most recently active March 24, 2026.

$ sikker behaviors 157.0.0.10catalog →

highTelnet Shell Escalation With Busybox Execution Attempt23x

Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

mediumExecution Environment Capability Discovery2x

Post_auth reconnaissance behavior that probes for available shell interpreters and BusyBox functionality to determine execution pathways, tooling availability, and compatibility for follow-on scripted actions

$ sikker primitives 157.0.0.10

telnet_busybox_unknown_applet_invocation92 telnet_command_sh91 telnet_command_shell83 telnet_command_system25 telnet_command_enable23

$ sikker reports 157.0.0.10submit →

Showing 5 of 23 reports from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 22, 2026, 05:51	Brute Force	TELNET	SikkerGuard: 2 blocked packets
User	Mar 21, 2026, 10:04	Brute Force	TELNET	SikkerGuard: 2 blocked packets
User	Mar 18, 2026, 05:06	Brute Force	TELNET	SikkerGuard: 2 blocked packets
User	Mar 17, 2026, 12:56	Brute Force	TELNET	SikkerGuard: 2 blocked packets
User	Mar 14, 2026, 21:32	Brute Force	TELNET	SikkerGuard: 2 blocked packets

1 / 5

$ sikker related 157.0.0.10

🇨🇳·More threats fromChina→AS·More threats fromCHINA UNICOM China169 Backbone→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
182.127.152.97	100%	85
153.0.80.12	23%	1
123.188.239.247	96%	595
124.128.196.162	62%	31
116.255.215.168	54%	209

IP Address	Confidence	Events
182.127.152.97	100%	85
47.105.86.190	83%	37,063
47.121.27.80	80%	23,102
117.50.185.119	96%	1,789
8.130.184.62	60%	554