104.209.7.208
Location
🇺🇸 US / San Jose
ASN
AS8075 · Microsoft Corporation
Cloud Provider
Microsoft Azure
Total Events
65
Average by volume
Agent Count
1
First / Last Seen
2026-03-02 09:27 — 2026-03-02 10:07
Attack Types
External Corroboration
Not flagged by any external feeds
Campaigns
Not associated with any campaigns
Session Forensics
Sessions
8 (8 with login)
Avg Depth Score
0.6
Commands Executed
9
Files Downloaded
0
Notable Commands
- hostname
- whoami
- pwd
- grep 'model name' /proc/cpuinfo 2>/dev/null | head -1 | cut -d ':' -f2- | sed 's/^ *//' | xargs || echo unknown
- xargs
- mount | head -5
Fingerprints
HASSH
SSH Client
Recent Events (last 50)
| Timestamp | Port | Proto | Event | Location |
|---|---|---|---|---|
| 2026-03-02 10:07:07 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 10:07:07 | :22 | ssh | cowrie.log.closed | sin |
| 2026-03-02 10:07:07 | :22 | ssh | cowrie.command.input | sin |
| 2026-03-02 10:07:07 | :22 | ssh | cowrie.session.params | sin |
| 2026-03-02 10:07:06 | :22 | ssh | cowrie.login.success | sin |
| 2026-03-02 10:07:06 | :22 | ssh | cowrie.client.kex | sin |
| 2026-03-02 10:07:06 | :22 | ssh | cowrie.client.version | sin |
| 2026-03-02 10:07:06 | :22 | ssh | cowrie.session.connect | sin |
| 2026-03-02 10:01:26 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 10:01:26 | :22 | ssh | cowrie.log.closed | sin |
| 2026-03-02 10:01:26 | :22 | ssh | cowrie.command.input | sin |
| 2026-03-02 10:01:26 | :22 | ssh | cowrie.session.params | sin |
| 2026-03-02 10:01:25 | :22 | ssh | cowrie.login.success | sin |
| 2026-03-02 10:01:25 | :22 | ssh | cowrie.client.kex | sin |
| 2026-03-02 10:01:25 | :22 | ssh | cowrie.client.version | sin |
| 2026-03-02 10:01:24 | :22 | ssh | cowrie.session.connect | sin |
| 2026-03-02 09:55:44 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 09:55:44 | :22 | ssh | cowrie.log.closed | sin |
| 2026-03-02 09:55:44 | :22 | ssh | cowrie.command.input | sin |
| 2026-03-02 09:55:44 | :22 | ssh | cowrie.session.params | sin |
| 2026-03-02 09:55:43 | :22 | ssh | cowrie.login.success | sin |
| 2026-03-02 09:55:43 | :22 | ssh | cowrie.client.kex | sin |
| 2026-03-02 09:55:43 | :22 | ssh | cowrie.client.version | sin |
| 2026-03-02 09:55:43 | :22 | ssh | cowrie.session.connect | sin |
| 2026-03-02 09:50:05 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 09:50:05 | :22 | ssh | cowrie.log.closed | sin |
| 2026-03-02 09:50:05 | :22 | ssh | cowrie.command.input | sin |
| 2026-03-02 09:50:05 | :22 | ssh | cowrie.session.params | sin |
| 2026-03-02 09:50:05 | :22 | ssh | cowrie.login.success | sin |
| 2026-03-02 09:50:04 | :22 | ssh | cowrie.client.kex | sin |
| 2026-03-02 09:50:04 | :22 | ssh | cowrie.client.version | sin |
| 2026-03-02 09:50:04 | :22 | ssh | cowrie.session.connect | sin |
| 2026-03-02 09:44:27 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 09:44:27 | :22 | ssh | cowrie.log.closed | sin |
| 2026-03-02 09:44:27 | :22 | ssh | cowrie.command.input | sin |
| 2026-03-02 09:44:27 | :22 | ssh | cowrie.session.params | sin |
| 2026-03-02 09:44:26 | :22 | ssh | cowrie.login.success | sin |
| 2026-03-02 09:44:26 | :22 | ssh | cowrie.client.kex | sin |
| 2026-03-02 09:44:26 | :22 | ssh | cowrie.client.version | sin |
| 2026-03-02 09:44:25 | :22 | ssh | cowrie.session.connect | sin |
| 2026-03-02 09:38:39 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 09:38:39 | :22 | ssh | cowrie.log.closed | sin |
| 2026-03-02 09:38:39 | :22 | ssh | cowrie.command.input | sin |
| 2026-03-02 09:38:39 | :22 | ssh | cowrie.session.params | sin |
| 2026-03-02 09:38:39 | :22 | ssh | cowrie.login.success | sin |
| 2026-03-02 09:38:38 | :22 | ssh | cowrie.client.kex | sin |
| 2026-03-02 09:38:38 | :22 | ssh | cowrie.client.version | sin |
| 2026-03-02 09:38:38 | :22 | ssh | cowrie.session.connect | sin |
| 2026-03-02 09:33:04 | :22 | ssh | cowrie.session.closed | sin |
| 2026-03-02 09:33:04 | :22 | ssh | cowrie.log.closed | sin |