27.79.3.35
Location
🇻🇳 VN / Da Nang
ASN
AS7552 · Viettel Group
Cloud Provider
—
Total Events
194
Above average by volume
Agent Count
2
First / Last Seen
2026-04-04 17:34 — 2026-04-04 20:32
Attack Types
External Corroboration
Blocklist.de
blocklist_de:reported
Campaigns
Multi-Agent Scan
SCAN
Active
medium
96 IPs
175299 events
2026-02-27 — ongoing · 96 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
87 IPs
164455 events
2026-02-27 — ongoing · 87 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
91 IPs
165840 events
2026-02-27 — ongoing · 91 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
93 IPs
166550 events
2026-02-27 — ongoing · 93 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
95 IPs
167044 events
2026-02-27 — ongoing · 95 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
42 IPs
7539 events
2026-02-23 — ongoing · 42 IPs independently targeted the same honeypot sensors within a 24-hour window. Hosted on Linode. Scanning the same …
Multi-Agent Scan
SCAN
Active
medium
43 IPs
65660 events
2026-02-22 — ongoing · 43 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
AS7552 Viettel Group
ASN
Active
medium
🇻🇳 VN
24 IPs
3829 events
ssh:bruteforce
2026-02-16 — ongoing · 24 IPs from the same network (Viettel Group, AS7552) were active during overlapping time periods. Temporal correlation across …
Session Forensics
Sessions
37 (6 with login)
Avg Depth Score
0.39
Commands Executed
0
Files Downloaded
0
Fingerprints
HASSH
SSH Client
Recent Events (last 50)
| Timestamp | Port | Proto | Event | Location |
|---|---|---|---|---|
| 2026-04-04 20:32:27 | :22 | ssh | cowrie.session.closed | sea |
| 2026-04-04 20:32:26 | :22 | ssh | cowrie.login.failed | sea |
| 2026-04-04 20:32:24 | :22 | ssh | cowrie.client.kex | sea |
| 2026-04-04 20:32:24 | :22 | ssh | cowrie.client.version | sea |
| 2026-04-04 20:32:24 | :22 | ssh | cowrie.session.connect | sea |
| 2026-04-04 20:00:29 | :22 | ssh | cowrie.session.closed | sea |
| 2026-04-04 20:00:28 | :80 | ssh | cowrie.direct-tcpip.data | sea |
| 2026-04-04 20:00:28 | :80 | ssh | cowrie.direct-tcpip.ja4h | sea |
| 2026-04-04 20:00:28 | :80 | ssh | cowrie.direct-tcpip.request | sea |
| 2026-04-04 20:00:27 | :22 | ssh | cowrie.login.success | sea |
| 2026-04-04 20:00:26 | :22 | ssh | cowrie.client.kex | sea |
| 2026-04-04 20:00:26 | :22 | ssh | cowrie.client.version | sea |
| 2026-04-04 20:00:26 | :22 | ssh | cowrie.session.connect | sea |
| 2026-04-04 19:57:06 | :22 | ssh | cowrie.session.closed | sea |
| 2026-04-04 19:57:05 | :22 | ssh | cowrie.login.failed | sea |
| 2026-04-04 19:57:03 | :22 | ssh | cowrie.client.kex | sea |
| 2026-04-04 19:57:03 | :22 | ssh | cowrie.client.version | sea |
| 2026-04-04 19:57:03 | :22 | ssh | cowrie.session.connect | sea |
| 2026-04-04 19:51:07 | :22 | ssh | cowrie.session.closed | sea |
| 2026-04-04 19:51:06 | :22 | ssh | cowrie.login.failed | sea |
| 2026-04-04 19:51:05 | :22 | ssh | cowrie.client.kex | sea |
| 2026-04-04 19:51:05 | :22 | ssh | cowrie.client.version | sea |
| 2026-04-04 19:51:05 | :22 | ssh | cowrie.session.connect | sea |
| 2026-04-04 19:44:36 | :22 | ssh | cowrie.session.closed | sea |
| 2026-04-04 19:44:34 | :22 | ssh | cowrie.login.failed | sea |
| 2026-04-04 19:44:28 | :22 | ssh | cowrie.client.kex | sea |
| 2026-04-04 19:44:28 | :22 | ssh | cowrie.client.version | sea |
| 2026-04-04 19:44:28 | :22 | ssh | cowrie.session.connect | sea |
| 2026-04-04 19:38:21 | :22 | ssh | cowrie.session.closed | sea |
| 2026-04-04 19:38:20 | :22 | ssh | cowrie.login.failed | sea |
| 2026-04-04 19:38:19 | :22 | ssh | cowrie.client.kex | sea |
| 2026-04-04 19:38:19 | :22 | ssh | cowrie.client.version | sea |
| 2026-04-04 19:38:19 | :22 | ssh | cowrie.session.connect | sea |
| 2026-04-04 18:14:18 | :22 | ssh | cowrie.session.closed | sin |
| 2026-04-04 18:14:17 | :22 | ssh | cowrie.login.failed | sin |
| 2026-04-04 18:14:17 | :22 | ssh | cowrie.client.kex | sin |
| 2026-04-04 18:14:17 | :22 | ssh | cowrie.client.version | sin |
| 2026-04-04 18:14:17 | :22 | ssh | cowrie.session.connect | sin |
| 2026-04-04 18:13:54 | :22 | ssh | cowrie.session.closed | sin |
| 2026-04-04 18:13:53 | :22 | ssh | cowrie.login.failed | sin |
| 2026-04-04 18:13:53 | :22 | ssh | cowrie.client.kex | sin |
| 2026-04-04 18:13:52 | :22 | ssh | cowrie.client.version | sin |
| 2026-04-04 18:13:52 | :22 | ssh | cowrie.session.connect | sin |
| 2026-04-04 18:13:13 | :22 | ssh | cowrie.session.closed | sin |
| 2026-04-04 18:12:22 | :22 | ssh | cowrie.client.kex | sin |
| 2026-04-04 18:12:22 | :22 | ssh | cowrie.client.version | sin |
| 2026-04-04 18:12:22 | :22 | ssh | cowrie.session.connect | sin |
| 2026-04-04 18:10:59 | :22 | ssh | cowrie.session.closed | sin |
| 2026-04-04 18:08:59 | :22 | ssh | cowrie.client.version | sin |
| 2026-04-04 18:08:59 | :22 | ssh | cowrie.session.connect | sin |