IntrusionLabs IntrusionLabs
← Back to feed

66.132.195.125

TAGGED SUSPICIOUS how we decide →
Threat Confidence
33%
Location
🇺🇸 US
ASN
AS398324 · Censys, Inc.
Cloud Provider
Total Events
6
Below average by volume
Agent Count
2
First / Last Seen
2026-05-04 16:54 — 2026-05-25 14:47
Attack Types
http:scan ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
T1595 T1595.002
Initial Access
T1190
Credential Access
T1110 T1110.001
Discovery
T1046
External Corroboration
Not flagged by any external feeds
Campaigns
Not associated with any campaigns
Session Forensics
scanner ×1 web_probe ×2
Sessions
3
Avg Depth Score
0.22
Commands Executed
0
Files Downloaded
0
Fingerprints
HASSH
873a5fb5fedc2d4f8638ebde4abc6cfc
SSH Client
SSH-2.0-Go
Evidence Timeline
Web Probe 8f27a28976f3e821 w4m_singapore_01 · 2026-05-25 14:47
25%
Loading events...
Scanner 3116be00adea w4m_singapore_01 · 2026-05-24 11:39
15%
Loading events...
Web Probe 82ce1b33caa22651 newark_01 · 2026-05-04 16:54
25%
Loading events...
Non-Session Events
Timestamp Port Proto Event Source Location
2026-05-25 14:47:34 :80 http HTTP GET request opencanary sin
2026-05-04 16:54:48 :80 http HTTP GET request opencanary ewr