Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
157.245.66.58 has a threat confidence score of 92%. This IP address from The Netherlands (AS14061, DigitalOcean, LLC) has been observed in 19 honeypot sessions targeting SSH, HTTP protocols. Detected attack patterns include ssh hardened host profiling and shell rc immutability bypass. First observed on March 2, 2026, most recently active April 19, 2026.
Identifies SSH post-auth activity combining resilient multi-source CPU enumeration (explicit /usr/bin/nproc fallback) with removal of the immutable flag from ~/.shellrc via chattr, indicating host profiling followed by shell configuration tampering for persistence preparation.
HTTP request using GET method.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.