Check an IP Address, Domain Name, Subnet, or ASN

77.245.158.195 was found in our database!

$ whois 77.245.158.195

country·🇹🇷 Türkiye

isp·Niobe Bilisim Ltd. Sti.

asn·AS42868

network·Standard

$ sikker risk 77.245.158.195scoring →

confidence

77%High

first_seen·Feb 15, 2026

last_seen·Feb 24, 2026

sessions·57

events·57

$ sikker protocols 77.245.158.195

TELNET

53 / 53

HTTP

2 / 2

HTTPS

2 / 2

$ sikker summary 77.245.158.195

77.245.158.195 has a threat confidence score of 77%. This IP address from Türkiye (AS42868, Niobe Bilisim Ltd. Sti.) has been observed in 57 honeypot sessions targeting TELNET, HTTP, HTTPS protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on February 15, 2026, most recently active February 24, 2026.

$ sikker behaviors 77.245.158.195catalog →

highTelnet Shell Escalation With Busybox Execution Attempt1x

Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 77.245.158.195

http_method_get1 https_path_root1 telnet_command_sh1 telnet_command_shell1 telnet_command_enable1 telnet_command_system1 telnet_busybox_unknown_applet_invocation1

$ sikker related 77.245.158.195

🇹🇷·More threats fromTürkiye→AS·More threats fromNiobe Bilisim Ltd. Sti.→TELN·More threats targetingTELNET→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
185.87.252.96	23%	1
77.245.155.167	53%	7

IP Address	Confidence	Events
185.233.164.253	95%	93
212.192.252.101	94%	1,199
185.233.164.48	96%	219
82.22.99.230	97%	10,658
85.117.239.172	95%	106