← Back to feed
Location
🇧🇪 BE / Brussels
ASN
AS396982 · Google LLC
Cloud Provider
—
Total Events
4
Below average by volume
Agent Count
3
First / Last Seen
2026-04-02 16:01 — 2026-05-11 02:39
Attack Types
MITRE ATT&CK Techniques
External Corroboration
Not flagged by any external feeds
Campaigns
Multi-Agent Scan
SCAN
Active
medium
171 IPs
65378 events
2026-05-03 — ongoing · 171 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
78 IPs
129914 events
2026-04-02 — ongoing · 78 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
174 IPs
50446 events
2026-03-19 — ongoing · 174 IPs independently targeted the same honeypot sensors within a 24-hour window. Hosted on Linode. Scanning the same …
AS396982 Google LLC
ASN
Active
medium
🇧🇪 BE
73 IPs
3632 events
ftp:bruteforcehttp:scanmysql:bruteforcessh:bruteforce
2026-02-18 — ongoing · 73 IPs from the same network (Google LLC, AS396982) were active during overlapping time periods. Temporal correlation across …
Session Forensics
Sessions
5
Avg Depth Score
0.2
Commands Executed
0
Files Downloaded
0
Evidence Timeline
FTP Probe
3846032acd77ecea
1
20%
Loading events...
MySQL Probe
03c85648ab29109b
1
20%
Loading events...
MySQL Probe
c9ddd917c943d7e0
1
20%
Loading events...
MySQL Probe
22204d4445dc6862
1
20%
Loading events...
MySQL Probe
10f46f107137531c
1
20%
Loading events...
Non-Session Events
| Timestamp | Port | Proto | Event | Source | Location |
|---|---|---|---|---|---|
| 2026-05-11 02:39:57 | :21 | ftp | FTP connection | opencanary | ewr |
| 2026-05-10 04:51:13 | :3306 | mysql | MySQL connection | opencanary | sea |
| 2026-04-28 17:21:03 | :3306 | mysql | MySQL connection | opencanary | sea |
| 2026-04-14 13:25:57 | :3306 | mysql | MySQL connection | opencanary | sea |
| 2026-04-02 16:01:34 | :3306 | mysql | MySQL connection | opencanary | sin |