← Back to feed
20.55.87.180
Location
🇺🇸 US / Washington
ASN
AS8075 · Microsoft Corporation
Cloud Provider
Microsoft Azure
Total Events
2715
Top 1% by volume
Agent Count
1
First / Last Seen
2026-04-29 04:46 — 2026-04-29 06:44
Attack Types
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Execution
External Corroboration
Not flagged by any external feeds
Session Forensics
Sessions
311 (100 with login)
Avg Depth Score
0.62
Commands Executed
185
Files Downloaded
0
Notable Commands
- hostname 2>/dev/null || echo unknown
- lspci 2>/dev/null | grep -i 'vga\|3d\|display' | sed 's/^.*: //' | head -1 || nvidia-smi --query-gpu=name --format=csv,noheader 2>/dev/null | head -1 || echo 'No GPU found'
- nvidia-smi --query-gpu=name --format=csv,noheader
- bash -c 'df -k / | tail -1 | awk "{print int(\$2/1048576)}"' 2>/dev/null || echo 0
- df -k / | tail -1 | awk "{print int(\$2/1048576)}"
- if command -v yum >/dev/null 2>&1; then echo yum; elif command -v apt >/dev/null 2>&1; then echo apt; elif command -v dnf >/dev/null 2>&1; then echo dnf; elif command -v pacman >/dev/null 2>&1; then echo pacman; else echo none; fi
- if command -v yum
- then echo yum
- elif command -v apt
- then echo apt
- elif command -v dnf
- then echo dnf
- elif command -v pacman
- then echo pacman
- else echo none
- free -m | awk '/^Mem:/{printf "%.1f", $2/1024}' 2>/dev/null || echo 0
- nproc 2>/dev/null || grep -c '^processor' /proc/cpuinfo 2>/dev/null || echo 0
- uname -m 2>/dev/null || echo unknown
- ssh -V 2>&1 || echo unknown
- uname -a 2>/dev/null || echo unknown
Fingerprints
HASSH
SSH Client
Evidence Timeline
Reconnaissance
950b3f5a9dea
LOGIN
1
1
60%
Loading events...
Reconnaissance
12afcf88fbf6
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ lspci 2>/dev/null | grep -i 'vga\|3d\|display' | sed 's/^.*…$ nvidia-smi --query-gpu=name --format=csv,noheader
Reconnaissance
0f85782bdd6c
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ bash -c 'df -k / | tail -1 | awk "{print int(\$2/1048576)}"…$ df -k / | tail -1 | awk "{print int(\$2/1048576)}"
Interactive Operator
ae22707ed3db
LOGIN
11
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if command -v yum >/dev/null 2>&1; then echo yum; elif comm…$ if command -v yum$ then echo yum$ elif command -v apt$ then echo apt
Reconnaissance
557046a05c6a
LOGIN
1
1
60%
Loading events...
Reconnaissance
2f69271bb588
LOGIN
1
1
60%
Loading events...
Interactive Operator
09447fce5681
LOGIN
11
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if command -v yum >/dev/null 2>&1; then echo yum; elif comm…$ if command -v yum$ then echo yum$ elif command -v apt$ then echo apt
Reconnaissance
99b0942bcd7c
LOGIN
1
1
60%
Loading events...
Reconnaissance
4329a27b7947
LOGIN
1
1
60%
Loading events...
Reconnaissance
3bcfbef953fd
LOGIN
1
1
60%
Loading events...
Interactive Operator
818e53d30665
LOGIN
11
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if command -v yum >/dev/null 2>&1; then echo yum; elif comm…$ if command -v yum$ then echo yum$ elif command -v apt$ then echo apt
Reconnaissance
dd6f7c752ddc
LOGIN
1
1
60%
Loading events...
Reconnaissance
6c85d7f1d5a9
LOGIN
1
1
60%
Loading events...
Reconnaissance
1c9c41eee183
LOGIN
1
1
60%
Loading events...
Reconnaissance
ff142f67d50b
LOGIN
1
1
60%
Loading events...
Reconnaissance
10ff2c56f8cf
LOGIN
1
1
60%
Loading events...
Reconnaissance
f693a270ca71
LOGIN
1
1
60%
Loading events...
Reconnaissance
5407525fd07a
LOGIN
1
1
60%
Loading events...
Reconnaissance
5dafec4e91b5
LOGIN
1
1
60%
Loading events...
Reconnaissance
9622b4fffdd2
LOGIN
1
1
60%
Loading events...
Reconnaissance
ffa743833bb5
LOGIN
1
1
60%
Loading events...
Reconnaissance
80987c94f911
LOGIN
1
1
60%
Loading events...
Reconnaissance
50366153e06d
LOGIN
1
1
60%
Loading events...
Reconnaissance
c98f4e9642d8
LOGIN
1
1
60%
Loading events...
Reconnaissance
4974b141e557
LOGIN
1
1
60%
Loading events...
Reconnaissance
1c296b701548
LOGIN
1
1
60%
Loading events...
Reconnaissance
7e6bd6156ecf
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ lspci 2>/dev/null | grep -i 'vga\|3d\|display' | sed 's/^.*…$ nvidia-smi --query-gpu=name --format=csv,noheader
Reconnaissance
b28ee6cfebdb
LOGIN
1
1
60%
Loading events...
Reconnaissance
efde2eb838e7
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ bash -c 'df -k / | tail -1 | awk "{print int(\$2/1048576)}"…$ df -k / | tail -1 | awk "{print int(\$2/1048576)}"
Reconnaissance
597430fc6328
LOGIN
1
1
60%
Loading events...
Reconnaissance
218c7a20c0da
LOGIN
1
1
60%
Loading events...
Reconnaissance
c10c90efe92f
LOGIN
1
1
60%
Loading events...
Reconnaissance
9204d3c2d6d2
LOGIN
1
1
60%
Loading events...
Reconnaissance
797e73263ecb
LOGIN
1
1
60%
Loading events...
Reconnaissance
08180aabde48
LOGIN
1
1
60%
Loading events...
Reconnaissance
ad333bd25b59
LOGIN
1
1
60%
Loading events...
Reconnaissance
559c5644afc0
LOGIN
1
1
60%
Loading events...
Reconnaissance
9fc6f6feda26
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ bash -c 'df -k / | tail -1 | awk "{print int(\$2/1048576)}"…$ df -k / | tail -1 | awk "{print int(\$2/1048576)}"
Reconnaissance
84e64834ea76
LOGIN
1
1
60%
Loading events...
Reconnaissance
047416dace5a
LOGIN
1
1
60%
Loading events...
Reconnaissance
aa98767a367a
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ bash -c 'df -k / | tail -1 | awk "{print int(\$2/1048576)}"…$ df -k / | tail -1 | awk "{print int(\$2/1048576)}"
Reconnaissance
0b426c0cdbfe
LOGIN
1
1
60%
Loading events...
Reconnaissance
9dcac88a5c43
LOGIN
1
1
60%
Loading events...
Reconnaissance
f77efa87e9cc
LOGIN
2
1
60%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ bash -c 'df -k / | tail -1 | awk "{print int(\$2/1048576)}"…$ df -k / | tail -1 | awk "{print int(\$2/1048576)}"
Reconnaissance
99a9cb7d8b9e
LOGIN
1
1
60%
Loading events...
Interactive Operator
17f65787d0c8
LOGIN
11
1
90%
Loading events...
HASSH 16443846184eafd…
SSH-2.0-Go
$ if command -v yum >/dev/null 2>&1; then echo yum; elif comm…$ if command -v yum$ then echo yum$ elif command -v apt$ then echo apt
Reconnaissance
864aabd80db6
LOGIN
1
1
60%
Loading events...
Reconnaissance
215698c74fa8
LOGIN
1
1
60%
Loading events...
Reconnaissance
637e75be67e1
LOGIN
1
1
60%
Loading events...
Reconnaissance
50450d44d06d
LOGIN
1
1
60%
Loading events...