Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
78.128.112.74 has a threat confidence score of 94%. This IP address from Bulgaria (AS208637, 4 Vendeta Ltd) has been observed in 314 honeypot sessions and reported 1 times targeting SSH, HTTPS, HTTP, TELNET protocols. First observed on January 27, 2026, most recently active March 27, 2026.
Repeated SSH password authentication attempts observed within the same activity window, indicating automated credential guessing against the SSH service. The behavior reflects authentication-based access attempts derived from observed password login events without assuming successful compromise.
Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| User | Feb 26, 2026, 13:36 | Brute Force | TELNET | SikkerGuard: 6 blocked packets |