IPMediumSignal 58/100

`185.199.94.188`

Location

Canada

Toronto, Ontario

ASN

AS30456

Gameserverkings

First Seen

Mar 18, 2026

Last Seen

Jun 16, 2026

Mar 18

First Seen

101d ago

Jun 16

Last Seen

11d ago

Reports

source reports

58%

Confidence

medium

Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

58%

Signal Score

58 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

20 techniques

Network Information

Country

Canada

RegionToronto, Ontario

ASNAS30456

OrganizationGameserverkings

Feed Intelligence Summary

6 reports58% confidence

Source reports

58%

Confidence score

Category tags

access controlactive scanactive scanningaptautomated attack activitybotnetbotnet activitybrute forcebrute force attackbrute-forcecanadacommand and controlcommunication protocolcowriecredential accesscredential stuffingdistributed attackseuropeexploitation activityftphackinghttp scanneridentity & access exploitationindicatormalwarenetherlandsnetworknetwork securitynlnorth americapassword attacksprotocol exploitationreconnaissanceremote accessremote servicesresearchresearchedscannerscanning activitysecurity operationssecurity policysmtpssh attackssh-brutet1021.001t1040t1046t1071t1071.001t1076t1078t1090t1110.001t1110.002t1110.003t1110.004t1190t1496t1499.002t1499.003t1563t1595.001t1595.002t1595.003telnet threatthreat actorthreat intelligencethreat preventiontor nodeunited statesweb traffic

Activity Timeline

1 total obs

Jun 16Jun 16

Threat Activity Heatmap

· Peak: 2026-06-16

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

58%

Confidence

Reports

First seenMar 18, 2026

Last seenJun 16, 2026

GeolocationCA

CountryCanada

LocationToronto, Ontario

ASNAS30456

OrgGameserverkings

Coords43.6532, -79.3832

VirusTotal

Not checked

WHOIS

description: Auto-submitted attacker IPs from 6-region honeypot mesh (cowrie/dionaea/heralding/suricata).

`185.199.94.188`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey