Check an IP Address, Domain Name, Subnet, or ASN

45.84.196.112 was found in our database!

$ whois 45.84.196.112

country·🇩🇪 Germany

isp·24fire GmbH

asn·AS216063

network·Standard

$ sikker risk 45.84.196.112scoring →

confidence

79%High

first_seen·Feb 18, 2026

last_seen·Feb 18, 2026

sessions·32

events·32

$ sikker protocols 45.84.196.112

TELNET

32 / 32

$ sikker summary 45.84.196.112

45.84.196.112 has a threat confidence score of 79%. This IP address from Germany (AS216063, 24fire GmbH) has been observed in 32 honeypot sessions targeting TELNET protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on February 18, 2026, most recently active February 18, 2026.

$ sikker behaviors 45.84.196.112catalog →

highTelnet Shell Escalation With Busybox Execution Attempt1x

Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

$ sikker primitives 45.84.196.112

telnet_command_sh1 telnet_command_shell1 telnet_command_enable1 telnet_command_system1 telnet_busybox_unknown_applet_invocation1

$ sikker related 45.84.196.112

🇩🇪·More threats fromGermany→AS·More threats from24fire GmbH→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
49.51.169.239	96%	2,022
43.131.57.101	96%	2,199
62.171.129.237	99%	63,189
87.106.212.204	78%	12
5.83.144.23	78%	284