Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
178.121.74.35 has a very high threat confidence level of 89%, originating from Minsk, Belarus, on the Republican Unitary Telecommunication Enterprise Beltelecom network (6697). It has been observed across 19 sessions targeting FTP, with detected attack patterns including ftp authenticated upload to reports directory, ftp authenticated upload to scripts directory, First observed on February 21, 2026, most recently active February 21, 2026.
FTP session where a client probes for valid users, attempts authentication, negotiates transfer modes (ASCII/Binary), enumerates the /reports directory, and attempts to upload info.zip in passive mode. This sequence reflects an authenticated file placement attempt following directory discovery, consistent with staged content deployment onto a writable path.
FTP session where a client probes for valid users, attempts authentication, switches transfer modes (ASCII/Binary), enumerates the /scripts directory, and attempts to upload info.zip via STOR in passive mode. This sequence reflects an authenticated file placement attempt following directory discovery, consistent with efforts to deploy content onto a remotely accessible scripts path.