Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
43.142.113.25 has a threat confidence score of 100%. This IP address from China (AS45090, Shenzhen Tencent Computer Systems Company Limited) has been observed in 1,271 honeypot sessions and reported 1 times targeting TELNET protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on January 20, 2026, most recently active May 6, 2026.
Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| User | Mar 9, 2026, 11:12 | Brute Force | TELNET | SikkerGuard: 2 blocked packets |