IOC Radar
IPMediumSignal 36/100

92.118.39.212

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS47890
Pptechnology Limited
First Seen
May 31, 2024
Last Seen
Jun 18, 2026
May 31
First Seen
756d ago
Jun 18
Last Seen
8d ago
28
Reports
source reports
36%
Confidence
medium
Found in 28 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

39 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS47890
OrganizationPptechnology Limited

IP Category

VPN
VPN exit node

Feed Intelligence Summary

28 reports36% confidence
28
Source reports
36%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningapacheapache attackerapplication layer protocolaptattackattacker-ipauto-generated securityautomated attacksautomated multi-vector probingbad reputationbad web botblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute-forcebruteforcec2 communicationcivil servicescode executioncode injectioncode-injectioncommand & controlcommand and controlcommand executioncommunication protocolcredential accesscredential harvestingcredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attackddos attack preparationdecoy systemdenial of servicedistributed attacksdmzhostdnsdns attackdovecotencryptioneuropeexploitexploitationexploitation activityexploited hostftpgovernment technologyhackinghttp scannerhttpshungaryidentity & access exploitationimapimap attackindicatorinformation technologyinfrastructure acquisitionreconnaissanceinitial accessinitial-accessinjection activityinjection attacksintrusion detectionip-addressircit infrastructurelateral movementmailcowmalicious activitymalicious ip addressesmalwaremalware distributionmanualnetherlandsnetworknetwork probingnetwork scanningnetwork securitynetwork service scanningnetwork-attacknorth americapassword attacksphishingphishing attackport-scanprotocol exploitationpublic administrationpublic infrastructurepublic policyransomwarereconnaissanceregulatory agenciesremote accessremote servicesremote system discoveryresearchedroromaniartbhsaasscannerscripting attackssecurity policyservice scansmtpsmtp attackersocial engineeringsocradar honeypotsoftware developmentspamsql-injectionsshssh attacksystem discoveryt1018t1021t1021.001t1040t1046t1053t1055t1059t1059.003t1059.007t1071t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1566.001t1566.002t1566.003t1573t1587.001t1590t1590.001t1595t1595.001t1595.002t1595.003targeting databasetcp/21tcp/23telnet threatthreat actorthreat intelligencethreat intelligence feedthreat preventiontor nodetpotunited statesvoidtrapvpnvpn ipvulnerability scanvulnerability-exploitationvulnerability-scanweb app attackweb application attackweb attackweb exploitationweb scannerweb spamweb trafficweb-attack

Activity Timeline

1 total obs
Jun 18Jun 18

Threat Activity Heatmap

· Peak: 2026-06-18
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
28
Reports
First seenMay 31, 2024
Last seenJun 18, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS47890
OrgPptechnology Limited
Coords52.3676, 4.9041
VPN

VirusTotal

Not checked

WHOIS

description
Brute-force source · part of 20-IP coordinated attack

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 8 days ago
Appeared in 28 threat reports