Check an IP Address, Domain Name, Subnet, or ASN

190.52.38.56 was found in our database!

$ whois 190.52.38.56

country·🇦🇷 Argentina

city·San Salvador de Jujuy

isp·TV MUSIC HOUSE JUJUY

asn·AS52312

network·Standard

$ sikker risk 190.52.38.56scoring →

confidence

72%High

first_seen·Mar 3, 2026

last_seen·5d ago

sessions·4

events·4

$ sikker protocols 190.52.38.56

TELNET

4 / 4

$ sikker summary 190.52.38.56

190.52.38.56 has a threat confidence score of 72%. This IP address from Argentina (AS52312, TV MUSIC HOUSE JUJUY) has been observed in 4 honeypot sessions targeting TELNET protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on March 3, 2026, most recently active March 15, 2026.

$ sikker behaviors 190.52.38.56catalog →

highTelnet Shell Escalation With Busybox Execution Attempt4x

Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

$ sikker primitives 190.52.38.56

telnet_command_sh4 telnet_command_shell4 telnet_command_enable4 telnet_command_system4 telnet_busybox_unknown_applet_invocation4

$ sikker related 190.52.38.56

🇦🇷·More threats fromArgentina→AS·More threats fromTV MUSIC HOUSE JUJUY→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
190.52.38.11	67%	4
190.52.38.71	56%	1
190.52.38.112	75%	5
190.52.38.13	79%	5
190.52.38.15	70%	3

IP Address	Confidence	Events
161.22.7.129	52%	12
190.181.68.14	32%	38
190.19.5.189	80%	8
181.0.209.22	100%	347
170.83.125.15	29%	91