IntrusionLabs / threat intelligence

← Back to feed

66.175.213.4

Threat Confidence

47%

Location

🇺🇸 US / Cedar Knolls

ASN

AS63949 · Akamai Connected Cloud

Cloud Provider

Akamai/Linode

Total Events

11

Below average by volume

Agent Count

2

First / Last Seen

2026-03-03 04:29 — 2026-03-31 04:49

Attack Types

http:scan ssh:bruteforce

External Corroboration

DShield Top Attackers

Reported 2026-03-31 09:08

dshield:top_attacker

Campaigns

Multi-Agent Scan SCAN Active medium

113 IPs 102875 events

2026-03-05 — ongoing

Multi-Agent Scan SCAN Active medium

72 IPs 18223 events

2026-03-05 — ongoing

Multi-Agent Scan SCAN Active medium

112 IPs 99776 events

2026-03-05 — ongoing

Multi-Agent Scan SCAN Active medium

110 IPs 98211 events

2026-03-05 — ongoing

Multi-Agent Scan SCAN Active medium

113 IPs 102386 events

2026-03-05 — ongoing

Multi-Agent Scan SCAN Active medium

112 IPs 102239 events

2026-03-05 — ongoing

Multi-Agent Scan SCAN Active medium

87 IPs 25111 events

2026-03-03 — ongoing

Multi-Agent Scan SCAN Active medium

117 IPs 101021 events

2026-03-01 — ongoing

Multi-Agent Scan SCAN Active medium

119 IPs 100772 events

2026-03-01 — ongoing

Multi-Agent Scan SCAN Active medium

58 IPs 17715 events

2026-02-28 — ongoing

Multi-Agent Scan SCAN Active medium

85 IPs 24198 events

2026-02-27 — ongoing

Multi-Agent Scan SCAN Active medium

7 IPs 632 events

2026-02-22 — ongoing

Multi-Agent Scan SCAN Active medium

45 IPs 13722 events

2026-02-22 — ongoing

Session Forensics

scanner ×2 unknown ×5

Sessions

7

Avg Depth Score

0.11

Commands Executed

0

Files Downloaded

0

Fingerprints

SSH Client

{w\xec\xaeh#aH5? <\xb9<\xe2\xf0d\xe8k_n\xf1e\x8b\xear޵\xc0/\xc0+\xc0\xc0\xc0\xc0 \xc0\xc0GET / HTTP/1.1

Recent Events (last 50)

Timestamp	Port	Proto	Event	Location
2026-03-31 04:49:26	:80	http	HTTP GET request	sin
2026-03-24 18:08:11	:80	http	HTTP GET request	sea
2026-03-23 04:34:40	:80	http	HTTP GET request	sea
2026-03-22 19:52:27	:80	http	HTTP GET request	sea
2026-03-21 01:16:52	:80	http	HTTP GET request	sea
2026-03-03 04:29:12	:22	ssh	cowrie.session.closed	sin
2026-03-03 04:29:12	:22	ssh	cowrie.client.version	sin
2026-03-03 04:29:12	:22	ssh	cowrie.session.connect	sin
2026-03-03 04:29:11	:22	ssh	cowrie.session.closed	sin
2026-03-03 04:29:11	:22	ssh	cowrie.client.version	sin
2026-03-03 04:29:11	:22	ssh	cowrie.session.connect	sin