Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
40.124.173.168 has a threat confidence score of 66%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 81 honeypot sessions targeting HTTPS, HTTP, SSH, MONGODB, WINRM and 8 other protocols. First observed on January 20, 2026, most recently active March 12, 2026.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.
Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.
FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.
Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration