Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
68.183.85.206 has a very high threat confidence level of 100%, originating from Bengaluru, India, on the DigitalOcean, LLC network (14061). It has been observed across 100 sessions targeting SSH, with detected attack patterns including ssh host fingerprint and shell rc immutable removal, ssh hardened host profiling and shell rc immutability bypass, First observed on February 23, 2026, most recently active March 10, 2026.
Execution of a multi-command host fingerprinting script that collects kernel details, architecture, uptime, CPU count and model, GPU information, login history, and binary help characteristics, combined with chattr -i $HOME/.bashrc $HOME/.zshrc 2>/dev/null || true to remove the immutable attribute from user shell initialization files in the current user’s home directory.
Identifies SSH post-auth activity combining resilient multi-source CPU enumeration (explicit /usr/bin/nproc fallback) with removal of the immutable flag from ~/.shellrc via chattr, indicating host profiling followed by shell configuration tampering for persistence preparation.