IntrusionLabs / threat intelligence

Sign in

← Back to feed

114.218.57.21

TAGGED SUSPICIOUS how we decide →

Threat Confidence

40%

Location

🇨🇳 CN

ASN

AS4134 · Chinanet

Cloud Provider

—

Total Events

14

Below average by volume

Agent Count

2

First / Last Seen

2026-04-25 10:31 — 2026-05-22 21:26

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595

Initial Access

T1078

Credential Access

T1110 T1110.001

Discovery

T1016 T1046 T1082

External Corroboration

Blocklist.de

Reported 2026-05-31 21:02

blocklist_de:reported

Campaigns

Not associated with any campaigns

Session Forensics

scanner ×3 reconnaissance ×1

Sessions

4 (1 with login)

Avg Depth Score

0.26

Commands Executed

1

Files Downloaded

0

Notable Commands

uname -s -m

Fingerprints

HASSH

98f63c4d9c87edbd97ed4747fa031019

SSH Client

SSH-2.0-Go

Evidence Timeline

Scanner 2e4dcf9a9e92 w4m_singapore_01 · 2026-05-22 21:24

15%

Loading events...

Scanner f8ad1ed9b2c0 w4m_singapore_01 · 2026-05-22 21:24

15%

Loading events...

Reconnaissance 8eb1e06d6947 newark_01 · 2026-04-25 10:31

1 1 60%

Loading events...

Scanner acb732a719ad newark_01 · 2026-04-25 10:31

15%

Loading events...