IntrusionLabs / threat intelligence

Sign in

← Back to feed

14.103.115.123

Threat Confidence

36%

Location

🇨🇳 CN

ASN

AS4811 · China Telecom Group

Cloud Provider

—

Total Events

27

Average by volume

Agent Count

2

First / Last Seen

2026-03-06 18:00 — 2026-04-08 08:13

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595

Credential Access

T1110 T1110.001

Discovery

T1046

External Corroboration

Not flagged by any external feeds

Campaigns

Multi-Agent Scan SCAN Active medium

188 IPs 290814 events

2026-04-06 — ongoing · 188 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …

Subnet 14.103.115.0/24 SUBNET Active high 🇨🇳 CN

5 IPs 437 events

2026-02-18 — ongoing · 5 IPs from the same /24 subnet (14.103.115.0/24) were observed attacking our sensors within the same time window. …

Session Forensics

scanner ×5 credential_harvester ×3

Sessions

8

Avg Depth Score

0.22

Commands Executed

0

Files Downloaded

0

Fingerprints

HASSH

03a80b21afa810682a776a7d42e5e6fb

SSH Client

SSH-2.0-libssh_0.11.1

Evidence Timeline

Credential Harvester c4061fe0ace0 w4m_seattle_01 · 2026-04-08 08:11

1 35%

Loading events...

Credential Harvester 1bcc36a6e0cc w4m_seattle_01 · 2026-04-08 07:48

1 35%

Loading events...

Scanner b63c8e20f6e8 w4m_singapore_01 · 2026-04-07 10:00

15%

Loading events...

Scanner a2c7364d4d79 w4m_singapore_01 · 2026-04-04 18:18

15%

Loading events...

Scanner c55ba8cad670 w4m_singapore_01 · 2026-03-12 12:59

15%

Loading events...

Scanner bc467e58e1fb w4m_singapore_01 · 2026-03-06 18:14

15%

Loading events...

Scanner 5f4c123cd260 w4m_singapore_01 · 2026-03-06 18:09

15%

Loading events...

Credential Harvester 9f076a515a39 w4m_singapore_01 · 2026-03-06 18:00

1 35%

Loading events...