Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
188.166.33.50 has a threat confidence score of 97%. This IP address from The Netherlands (AS14061, DigitalOcean, LLC) has been observed in 31 honeypot sessions targeting SSH, HTTP protocols. Detected attack patterns include ssh hardened host profiling and shell rc immutability bypass, http git repository config exposure probe. First observed on March 15, 2026, most recently active April 30, 2026.
Identifies SSH post-auth activity combining resilient multi-source CPU enumeration (explicit /usr/bin/nproc fallback) with removal of the immutable flag from ~/.shellrc via chattr, indicating host profiling followed by shell configuration tampering for persistence preparation.
Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.