Loading threats
Execution of date +%Y 2>/dev/null to retrieve the current system year in four-digit format while suppressing error output. This pattern reflects system time validation or environment profiling activity, commonly used to assess clock accuracy or detect unrealistic timestamps in sandboxed or emulated environments.
This attack primitive is part of the SikkerAPI detection catalog and is actively monitored across our global honeypot network. No IPs in the current retention window have triggered this detection signature.
When an attacker triggers this primitive, matched IPs will appear here with confidence scores, geolocation, and session details. Browse other SSH detections or look up a specific IP to check its threat profile.