Loading threats
Attempts to read the current shell’s command history using history, suppresses stderr, and limits output to the last five entries via tail -5. If history is unavailable (e.g., non-interactive shell, restricted environment), it falls back to printing No history. This pattern indicates automated reconnaissance attempting to extract recently executed commands for credential discovery, prior operator activity, or payload intelligence.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 52.238.26.243 | 99% | 442 | 356 | 🇺🇸 US | AS8075 | 2026-02-27 |
| 172.215.217.69 | 95% | 315 | 302 | 🇺🇸 US | AS8075 | 2026-03-05 |
| 20.51.198.210 | 99% | 134 | 94 | 🇺🇸 US | AS8075 | 2026-02-22 |
| 52.154.20.50 | 84% | 48 | 48 | 🇺🇸 US | AS8075 | 2026-02-19 |