Check an IP Address, Domain Name, Subnet, or ASN

85.24.242.216 was found in our database!

$ whois 85.24.242.216

country·🇸🇪 Sweden

city·Kågeröd

isp·Bahnhof AB

asn·AS8473

network·Standard

$ sikker risk 85.24.242.216scoring →

confidence

59%Medium

first_seen·Apr 5, 2026

last_seen·2h ago

sessions·1

events·1

$ sikker protocols 85.24.242.216

SSH

1 / 1

$ sikker summary 85.24.242.216

85.24.242.216 has a threat confidence score of 59%. This IP address from Sweden (AS8473, Bahnhof AB) has been observed in 1 honeypot sessions targeting SSH protocols. Detected attack patterns include ssh routeros cloud probe and telegram sms artifact discovery. First observed on April 5, 2026, most recently active April 5, 2026.

$ sikker behaviors 85.24.242.216catalog →

highSsh Routeros Cloud Probe And Telegram Sms Artifact Discovery1x

SSH post-auth sequence running RouterOS cloud/DDNS commands, Telegram data path checks, GSM/SMS artifact searches, and miner process lookups (`ps | grep miner`), preceded by basic system enumeration.

$ sikker primitives 85.24.242.216

ssh_routeros_ip_cloud_print_probe2 ssh_uname_all1 ssh_cat_proc_cpuinfo1 ssh_ps_ef_grep_miner_bracket_case1 ssh_ifconfig_interface_enumeration1 ssh_routeros_user_set_password_id01 ssh_echo_hi_pipe_cat_numbering_test1 ssh_locate_telegram_tdata_identifier1 ssh_routeros_interface_lte_print_probe1 ssh_routeros_ip_cloud_set_ddns_enabled1 ssh_ps_pipe_grep_miner_case_insensitive1 ssh_ls_telegram_tdata_and_gsm_sms_artifacts1

$ sikker related 85.24.242.216

🇸🇪·More threats fromSweden→AS·More threats fromBahnhof AB→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
195.178.191.5	100%	1,041
155.4.119.66	59%	1
155.4.244.179	100%	495
155.4.245.222	100%	942
158.174.210.161	100%	985

IP Address	Confidence	Events
185.246.130.20	86%	1,810
78.73.145.147	57%	35
172.232.142.222	73%	45
195.178.191.5	100%	1,041
155.4.119.66	59%	1