About this data
Information about the attacking devices is obtained through our IoT device fingerprinting scans. When an IP is then seen attacking our honeypot sensors or darknet (aka. "network telescope") systems we check it against the latest scan results for that IP and infer the device make-and-model. Please note that this assessment is not necessarily 100% accurate due to device churn and port forwarding (multiple device types responding on different ports). It may also be a device behind that device IP that is actually infected or used for attacks (NAT).