95.162.176.56 — Rightel Communication Service Company PJS, IR — Very High (98%)

Check an IP Address, Domain Name, Subnet, or ASN

95.162.176.56 was found in our database!

Confidence Level

98%

Very High?

Geolocation

🇮🇷

Iran

ISPRightel Communication Service Company PJS

ASNAS57218

Activity Timeline

First seenFeb 9, 2026, 10:33 PM

Last seen22d ago

35Sessions

225Events

Protocol Breakdown

SSH

35 / 225

95.162.176.56 has a very high threat confidence level of 98%, originating from Iran, on the Rightel Communication Service Company PJS network (57218). It has been observed across 35 sessions targeting SSH, with detected attack patterns including ssh shell history tampering via environment reload, First observed on February 9, 2026, most recently active February 10, 2026.

Behaviors

Classified behavioral patterns observed

Ssh Shell History Tampering Via Environment Reload

high23x

Identifies an SSH session where the actor manipulates shell environment variables (such as HISTFILE, HISTSIZE, HISTCONTROL, or related variables) and reloads or reinitializes shell history in order to suppress, overwrite, or control command logging. The combination of explicitly setting environment variables and triggering a history reload indicates deliberate command history tampering rather than normal shell usage.

Primitives

Individual actions observed

Ssh Echo Shell Environment Variable23 Ssh History Environment Manipulation And Reload23

Related Threats

Explore related threat intelligence

🇮🇷More threats fromIran ASMore threats fromRightel Communication Service Company PJS SSHMore threats targetingSSH { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
37.156.159.141	35%	3
37.156.152.170	23%	1
37.156.157.125	44%	5
89.34.48.236	35%	3
94.24.19.151	88%	24

IP Address	Confidence	Events
172.94.9.156	32%	1
192.253.248.93	32%	1
77.90.185.16	82%	2,238
172.94.9.56	32%	1
172.94.9.129	32%	1