Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
175.196.135.148 has a threat confidence score of 87%. This IP address from South Korea (AS4766, Korea Telecom) has been observed in 33 honeypot sessions and reported 2 times targeting SSH protocols. Detected attack patterns include ssh routeros cloud probe and telegram sms artifact discovery. First observed on February 8, 2026, most recently active March 28, 2026.
SSH post-auth sequence running RouterOS cloud/DDNS commands, Telegram data path checks, GSM/SMS artifact searches, and miner process lookups (`ps | grep miner`), preceded by basic system enumeration.
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| Anonymous | Mar 23, 2026, 02:54 | Brute Force | SSH | — |
| User | Mar 9, 2026, 10:12 | Brute Force | SSH | SikkerGuard: 2 blocked packets |