Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
216.167.32.116 has a threat confidence score of 79%. This IP address from United States (AS2914, NTT America, Inc.) has been observed in 3 honeypot sessions targeting HTTP, SSH protocols. Detected attack patterns include http mass web rce exploitation scanning. First observed on April 10, 2026, most recently active April 10, 2026.
Coordinated automated exploitation attempts targeting public-facing web services, including PHPUnit eval-stdin access, PHP-CGI argument injection, Docker API exposure, directory traversal, ThinkPHP invokeFunction abuse, and command execution patterns (wget/curl pipe to shell). Identifies opportunistic bot-driven RCE scanning and framework-specific exploit chaining against internet-exposed applications.