Check an IP Address, Domain Name, Subnet, or ASN

58.249.147.46 was found in our database!

$ whois 58.249.147.46

country·🇨🇳 China

city·Guangzhou

isp·China Unicom Guangzhou network

asn·AS17622

network·Standard

$ sikker risk 58.249.147.46scoring →

confidence

63%High

first_seen·Apr 1, 2026

last_seen·5h ago

sessions·2

events·2

$ sikker protocols 58.249.147.46

SSH

2 / 2

$ sikker summary 58.249.147.46

58.249.147.46 has a threat confidence score of 63%. This IP address from China (AS17622, China Unicom Guangzhou network) has been observed in 2 honeypot sessions targeting SSH protocols. Detected attack patterns include ssh routeros cloud probe and telegram sms artifact discovery. First observed on April 1, 2026, most recently active April 2, 2026.

$ sikker behaviors 58.249.147.46catalog →

highSsh Routeros Cloud Probe And Telegram Sms Artifact Discovery1x

SSH post-auth sequence running RouterOS cloud/DDNS commands, Telegram data path checks, GSM/SMS artifact searches, and miner process lookups (`ps | grep miner`), preceded by basic system enumeration.

$ sikker primitives 58.249.147.46

ssh_routeros_ip_cloud_print_probe2 ssh_uname_all1 ssh_cat_proc_cpuinfo1 ssh_ps_ef_grep_miner_bracket_case1 ssh_ifconfig_interface_enumeration1 ssh_routeros_user_set_password_id01 ssh_echo_hi_pipe_cat_numbering_test1 ssh_locate_telegram_tdata_identifier1 ssh_routeros_interface_lte_print_probe1 ssh_routeros_ip_cloud_set_ddns_enabled1 ssh_ps_pipe_grep_miner_case_insensitive1 ssh_ls_telegram_tdata_and_gsm_sms_artifacts1

$ sikker related 58.249.147.46

🇨🇳·More threats fromChina→AS·More threats fromChina Unicom Guangzhou network→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
120.85.114.241	39%	1
58.249.128.238	23%	1
112.94.5.43	47%	340
112.94.189.100	23%	1
112.94.190.178	23%	1

IP Address	Confidence	Events
112.46.214.114	95%	122
139.199.80.137	86%	109,778
106.13.22.244	100%	290
1.92.101.41	100%	140
182.44.82.212	100%	202