← Back to feed

172.104.11.34

            edinburgh.scan.bufferover.run
        

Threat Confidence

39%

Location

🇺🇸 US / Cedar Knolls

ASN

AS63949 · Akamai Connected Cloud

Cloud Provider

Akamai/Linode

Total Events

Below average by volume

Agent Count

First / Last Seen

2026-02-26 04:27 — 2026-03-23 02:17

Attack Types

http:scan ssh:bruteforce

External Corroboration

DShield Top Attackers

Reported 2026-03-27 20:01

dshield:top_attacker

Campaigns

Session Forensics

scanner ×2 unknown ×4

Sessions

Avg Depth Score

0.12

Commands Executed

Files Downloaded

Fingerprints

SSH Client

{w\xfa7i\xef\xdbP/ \xd6l\xab\xc10\xfa\x9f\xf4I\xbes\xe4\xbb+y\xbd\xd6-\xb6\xb5\xc9\xc0/\xc0+\xc0\xc0\xc0\xc0 \xc0\xc0GET / HTTP/1.1

Recent Events (last 50)

Timestamp	Port	Proto	Event	Location
2026-03-26 23:22:16	:80	http	HTTP GET request	sea
2026-03-23 02:17:15	:80	http	HTTP GET request	sea
2026-03-22 22:39:43	:80	http	HTTP GET request	sea
2026-03-14 20:21:38	:22	ssh	cowrie.session.closed	sea
2026-03-14 20:21:38	:22	ssh	cowrie.client.version	sea
2026-03-14 20:21:38	:22	ssh	cowrie.session.connect	sea
2026-03-14 20:21:38	:22	ssh	cowrie.session.closed	sea
2026-03-14 20:21:38	:22	ssh	cowrie.client.version	sea
2026-03-14 20:21:38	:22	ssh	cowrie.session.connect	sea
2026-02-26 04:27:58	:80	http	HTTP GET request	sin