Check an IP Address, Domain Name, Subnet, or ASN

82.162.63.90 was found in our database!

$ whois 82.162.63.90

country·🇷🇺 Russia

city·Vladivostok

isp·Rostelecom

asn·AS12389

network·Standard

$ sikker risk 82.162.63.90scoring →

confidence

72%High

first_seen·Feb 4, 2026

last_seen·1h ago

sessions·17

events·45

$ sikker protocols 82.162.63.90

TELNET

17 / 45

$ sikker summary 82.162.63.90

82.162.63.90 has a threat confidence score of 72%. This IP address from Russia (AS12389, Rostelecom) has been observed in 17 honeypot sessions targeting TELNET protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on February 4, 2026, most recently active March 20, 2026.

$ sikker behaviors 82.162.63.90catalog →

highTelnet Shell Escalation With Busybox Execution Attempt3x

Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

$ sikker primitives 82.162.63.90

telnet_command_enable11 telnet_command_system8 telnet_command_sh4 telnet_command_shell4 telnet_busybox_unknown_applet_invocation4 telnet_system_command_invocation2

$ sikker related 82.162.63.90

🇷🇺·More threats fromRussia→AS·More threats fromRostelecom→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
178.44.195.245	32%	23
212.220.71.42	27%	84
178.69.224.233	35%	167
78.36.4.34	16%	16
176.211.3.15	35%	3

IP Address	Confidence	Events
81.29.142.100	100%	26,878
2.63.211.145	79%	19,719
89.17.36.85	30%	111
193.143.1.23	71%	48
178.44.195.245	32%	23