Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
92.241.253.7 has a threat confidence score of 98%. This IP address from Russia (AS3226, OOO NI) has been observed in 46 honeypot sessions and reported 1 times targeting TELNET protocols. Detected attack patterns include telnet busybox shell activation with capability check. First observed on February 19, 2026, most recently active March 8, 2026.
Identifies a Telnet session where BusyBox is leveraged to activate or access a shell environment (sh, shell, system, linuxshell, enable) followed by command capability validation (ping). This pattern reflects deliberate shell breakout and execution-context validation commonly observed in IoT botnets and embedded Linux compromise workflows. The presence of multiple shell invocation variants combined with BusyBox applet usage indicates adaptive execution logic rather than incidental command usage.
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| User | Mar 8, 2026, 23:12 | Brute Force | TELNET | SikkerGuard: 2 blocked packets |