Check an IP Address, Domain Name, Subnet, or ASN

84.53.216.46 was found in our database!

$ whois 84.53.216.46

country·🇷🇺 Russia

city·Vladimir

isp·Rostelecom

asn·AS34168

network·Standard

$ sikker risk 84.53.216.46scoring →

confidence

73%High

first_seen·Mar 8, 2026

last_seen·10d ago

sessions·5

events·5

$ sikker protocols 84.53.216.46

TELNET

5 / 5

$ sikker summary 84.53.216.46

84.53.216.46 has a threat confidence score of 73%. This IP address from Russia (AS34168, Rostelecom) has been observed in 5 honeypot sessions targeting TELNET protocols. Detected attack patterns include telnet shell escalation with busybox execution attempt. First observed on March 8, 2026, most recently active March 9, 2026.

$ sikker behaviors 84.53.216.46catalog →

highTelnet Shell Escalation With Busybox Execution Attempt2x

Telnet session exhibiting privilege escalation and shell breakout commands (enable, system, shell, sh) followed by execution of /bin/busybox with a non-standard or arbitrary applet name. The sequence indicates an attempt to escape restricted CLI environments and execute a staged or randomly named payload via BusyBox. The presence of an unknown BusyBox applet strongly suggests automated bot deployment logic rather than legitimate administrative activity.

$ sikker primitives 84.53.216.46

telnet_command_sh2 telnet_command_shell2 telnet_command_enable2 telnet_command_system2 telnet_busybox_unknown_applet_invocation2

$ sikker related 84.53.216.46

🇷🇺·More threats fromRussia→AS·More threats fromRostelecom→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
84.53.244.90	33%	138
84.53.216.218	23%	1
84.53.198.109	35%	3
84.53.245.14	26%	65
84.53.198.46	28%	5

IP Address	Confidence	Events
82.162.56.186	23%	1
80.89.130.6	29%	102
188.133.167.50	88%	203
80.66.83.43	100%	4,571
31.163.204.85	40%	261