← Back to feed
Location
🇩🇪 DE
ASN
AS33984 · Surfplanet GmbH
Cloud Provider
—
Total Events
34
Average by volume
Agent Count
2
First / Last Seen
2026-05-08 13:18 — 2026-06-05 04:42
Attack Types
MITRE ATT&CK Techniques
External Corroboration
Not flagged by any external feeds
Campaigns
Multi-Agent Scan
SCAN
Active
medium
9 IPs
1344 events
2026-05-08 — ongoing · 9 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
216 IPs
249292 events
2026-05-05 — ongoing · 216 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Subnet 78.111.67.0/24
SUBNET
Active
high
🇩🇪 DE
7 IPs
2382 events
ssh:bruteforce
2026-05-03 — ongoing · 7 IPs from the same /24 subnet (78.111.67.0/24) were observed attacking our sensors within the same time window. …
Multi-Agent Scan
SCAN
Active
medium
4 IPs
309 events
2026-05-02 — ongoing · 4 IPs independently targeted the same honeypot sensors within a 24-hour window. Hosted on Vultr. Scanning the same …
HASSH 14b2ddda386a… — SSH-2.0-libssh2_1.11.0 (358 IPs, 41 countries)
HASSH
Active
high
🇺🇸 US
358 IPs
85869 events
ssh:bruteforce
2026-04-22 — ongoing · 358 IPs are running an identical SSH client (HASSH fingerprint 14b2ddda386a…). Top network: HostPapa (AS36352). Geographic and ASN …
Multi-Agent Scan
SCAN
Active
medium
3 IPs
445 events
2026-04-08 — ongoing · 3 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
250 IPs
280405 events
2026-03-19 — ongoing · 250 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
241 IPs
283586 events
2026-03-19 — ongoing · 241 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
28 IPs
4438 events
2026-03-03 — ongoing · 28 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
8 IPs
1979 events
2026-03-03 — ongoing · 8 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
22 IPs
3466 events
2026-03-03 — ongoing · 22 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
19 IPs
1948 events
2026-03-03 — ongoing · 19 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
30 IPs
6209 events
2026-03-03 — ongoing · 30 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
219 IPs
249925 events
2026-03-03 — ongoing · 219 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
16 IPs
2646 events
2026-02-24 — ongoing · 16 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
7 IPs
1320 events
2026-02-24 — ongoing · 7 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Session Forensics
Sessions
4
Avg Depth Score
0.35
Commands Executed
0
Files Downloaded
0
Fingerprints
HASSH
SSH Client
Evidence Timeline
Credential Harvester
cfc99d279336
5
40%
Loading events...
HASSH 14b2ddda386a4d1…
SSH-2.0-libssh2_1.11.0
Credential Harvester
9b8acd55dd86
5
40%
Loading events...
HASSH 14b2ddda386a4d1…
SSH-2.0-libssh2_1.11.0
Credential Harvester
f0e3ea9ffabb
5
40%
Loading events...
HASSH 14b2ddda386a4d1…
SSH-2.0-libssh2_1.11.0