Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
158.94.208.44 has a threat confidence score of 98%. This IP address from Germany (AS202412, Omegatech LTD) has been observed in 328 honeypot sessions targeting SSH, HTTP, HTTPS protocols. Detected attack patterns include ssh hardened host profiling and shell rc immutability bypass. First observed on February 23, 2026, most recently active April 4, 2026.
Identifies SSH post-auth activity combining resilient multi-source CPU enumeration (explicit /usr/bin/nproc fallback) with removal of the immutable flag from ~/.shellrc via chattr, indicating host profiling followed by shell configuration tampering for persistence preparation.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.