Check an IP Address, Domain Name, Subnet, or ASN

203.222.2.78 was found in our database!

$ whois 203.222.2.78

country·🇹🇼 Taiwan

city·Taichung

isp·VEE TIME CORP.

asn·AS17809

network·Standard

$ sikker risk 203.222.2.78scoring →

confidence

72%High

first_seen·Feb 22, 2026

last_seen·26d ago

sessions·3

events·3

$ sikker protocols 203.222.2.78

TELNET

3 / 3

$ sikker summary 203.222.2.78

203.222.2.78 has a threat confidence score of 72%. This IP address from Taiwan (AS17809, VEE TIME CORP.) has been observed in 3 honeypot sessions targeting TELNET protocols. Detected attack patterns include telnet busybox shell activation with capability check. First observed on February 22, 2026, most recently active February 22, 2026.

$ sikker behaviors 203.222.2.78catalog →

highTelnet Busybox Shell Activation With Capability Check2x

Identifies a Telnet session where BusyBox is leveraged to activate or access a shell environment (sh, shell, system, linuxshell, enable) followed by command capability validation (ping). This pattern reflects deliberate shell breakout and execution-context validation commonly observed in IoT botnets and embedded Linux compromise workflows. The presence of multiple shell invocation variants combined with BusyBox applet usage indicates adaptive execution logic rather than incidental command usage.

$ sikker primitives 203.222.2.78

telnet_command_sh4 telnet_command_ping2 telnet_command_shell2 telnet_command_enable2 telnet_command_system2 telnet_command_linuxshell2 telnet_busybox_unknown_applet_invocation2

$ sikker related 203.222.2.78

🇹🇼·More threats fromTaiwan→AS·More threats fromVEE TIME CORP.→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
121.254.116.141	13%	9
182.155.18.251	28%	94
182.155.224.234	91%	172
203.217.116.57	65%	4
203.217.124.251	44%	1

IP Address	Confidence	Events
165.154.226.102	96%	2,244
101.13.5.49	40%	164
211.20.122.135	26%	80
101.9.38.172	23%	1
60.244.155.109	100%	1,067