← Back to feed
Location
🇧🇷 BR / Flores da Cunha
ASN
AS264157 · GUAREZE FIBRA LTDA
Cloud Provider
—
Total Events
25
Average by volume
Agent Count
2
First / Last Seen
2026-06-01 00:51 — 2026-06-01 01:41
Attack Types
MITRE ATT&CK Techniques
External Corroboration
Blocklist.de
blocklist_de:reported
DShield Top Attackers
dshield:top_attacker
Campaigns
Multi-Agent Scan
SCAN
Active
medium
88 IPs
203158 events
2026-03-10 — ongoing · 88 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
15 IPs
5279 events
2026-03-10 — ongoing · 15 IPs independently targeted the same honeypot sensors within a 24-hour window. Hosted on Linode. Scanning the same …
Multi-Agent Scan
SCAN
Active
medium
103 IPs
204994 events
2026-03-10 — ongoing · 103 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
167 IPs
228590 events
2026-02-22 — ongoing · 167 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
HASSH 16443846184e… — SSH-2.0-Go (90 IPs, 18 countries)
HASSH
Active
high
🇺🇸 US
90 IPs
70839 events
mysql:bruteforcessh:bruteforce
2026-02-22 — ongoing · 90 IPs are running an identical SSH client (HASSH fingerprint 16443846184e…). Top network: Network Solutions, LLC (AS19871). Geographic …
Session Forensics
Sessions
3 (3 with login)
Avg Depth Score
0.9
Commands Executed
17
Files Downloaded
0
Notable Commands
- if [ -r /proc/cpuinfo ] && [ -r /proc/meminfo ] && grep -q "model name" /proc/cpuinfo 2>/dev/null && grep -q "MemTotal" /proc/meminfo 2>/dev/null; then; echo "valid"; else; echo "honeypot"; fi
- if [ -r /proc/cpuinfo ]
- then
- else
- fi
- [ -r /proc/meminfo ]
Fingerprints
HASSH
SSH Client
Evidence Timeline
Interactive Operator
532f6b25a3bb
LOGIN
5
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if [ -r /proc/cpuinfo ] && [ -r /proc/meminfo ] && grep -q …$ if [ -r /proc/cpuinfo ]$ then $ else $ fi
Interactive Operator
ac98b2fc5d25
LOGIN
6
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if [ -r /proc/cpuinfo ] && [ -r /proc/meminfo ] && grep -q …$ if [ -r /proc/cpuinfo ]$ [ -r /proc/meminfo ]$ then $ else
Interactive Operator
297afd919b1c
LOGIN
6
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if [ -r /proc/cpuinfo ] && [ -r /proc/meminfo ] && grep -q …$ if [ -r /proc/cpuinfo ]$ [ -r /proc/meminfo ]$ then $ else