Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
158.94.208.43 has a threat confidence score of 97%. This IP address from Germany (AS202412, Omegatech LTD) has been observed in 59 honeypot sessions and reported 5 times targeting SMTP protocols. Detected attack patterns include smtp open relay probe. First observed on February 4, 2026, most recently active March 25, 2026.
Automated SMTP interaction sequence consistent with open-relay validation or spam delivery testing. The client performs a full transaction flow (EHLO → RSET → MAIL FROM → RCPT TO → DATA → QUIT) and submits a minimal test message containing known probe markers such as t_Smtp.LocalIP. This pattern indicates scripted activity attempting to confirm whether the server allows unauthenticated message relaying or outbound mail submission. Such behavior is commonly observed from spam bot infrastructure validating targets before larger abuse campaigns.
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| User | Mar 19, 2026, 03:40 | Brute Force | SMTP | SikkerGuard: 6 blocked packets |
| User | Mar 18, 2026, 01:03 | Brute Force | SMTP | SikkerGuard: 4 blocked packets |
| User | Mar 17, 2026, 17:09 | Brute Force | SMTP | SikkerGuard: 6 blocked packets |
| User | Mar 11, 2026, 17:24 | Brute Force | SMTP | SikkerGuard: 6 blocked packets |
| User | Mar 5, 2026, 11:11 | Brute Force | SMTP | SikkerGuard: 6 blocked packets |