IntrusionLabs IntrusionLabs
← Back to feed

45.194.70.249

TAGGED SUSPICIOUS how we decide →
Threat Confidence
35%
Location
🇸🇨 SC
ASN
AS135377 · UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Cloud Provider
Total Events
5
Below average by volume
Agent Count
1
First / Last Seen
2026-05-04 05:10 — 2026-05-04 05:10
Attack Types
http:scan
MITRE ATT&CK Techniques
Reconnaissance
T1595.002
Initial Access
T1190
External Corroboration
Not flagged by any external feeds
Campaigns
Subnet 45.194.70.0/24 SUBNET Active high 🇸🇨 SC
3 IPs 12 events
ftp:bruteforcehttp:scan
2026-05-04 — ongoing · 3 IPs from the same /24 subnet (45.194.70.0/24) were observed attacking our sensors within the same time window. …
Session Forensics
web_probe ×5
Sessions
5
Avg Depth Score
0.25
Commands Executed
0
Files Downloaded
0
Evidence Timeline
Web Probe ebb8791953105e70 newark_01 · 2026-05-04 05:10
25%
Loading events...
Web Probe 483d0500070f670f newark_01 · 2026-05-04 05:10
25%
Loading events...
Web Probe d49755f64845249d newark_01 · 2026-05-04 05:10
25%
Loading events...
Web Probe c939df6ef31dfb47 newark_01 · 2026-05-04 05:10
25%
Loading events...
Web Probe eef103754c6e2539 newark_01 · 2026-05-04 05:10
25%
Loading events...
Non-Session Events
Timestamp Port Proto Event Source Location
2026-05-04 05:10:20 :80 http HTTP GET request opencanary ewr
2026-05-04 05:10:20 :80 http HTTP GET request opencanary ewr
2026-05-04 05:10:19 :80 http HTTP GET request opencanary ewr
2026-05-04 05:10:18 :80 http HTTP GET request opencanary ewr
2026-05-04 05:10:18 :80 http HTTP GET request opencanary ewr