IPMediumSignal 56/100
92.205.108.192
Location
GermanyStrasbourg, Hesse
ASN
AS21499
GCN SXB1
First Seen
Feb 9, 2025
Last Seen
Jun 7, 2026
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionStrasbourg, Hesse
ASNAS21499
OrganizationGCN SXB1
Feed Intelligence Summary
23 reports56% confidence
23
Source reports
56%
Confidence score
Category tags
abuseaccess controlaccount discoveryaccount profilingaccount takeoveractive scanactive scanningapacheapache attackeraptattackaustraliaauthenticationauthentication abuseauthentication attackauthentication bypassbad reputationbad web botblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute-forcec2 communicationcommand & controlcommand and controlcommunication protocolcompromise attemptcompromised credentialscompromised hostcompromised systemscredential accesscredential stuffingctadata exfiltrationdata store exposuredatabase securityddosddos attackdedecoy systemdenial of servicedictionary attackdistributed attackseuropeexfiltrationexploitation activityexploited hostexternal ipfinlandfrfrancefraud voipgermanyhackingidentity & access exploitationimapimap attackindicatorinitial accessinjection activityinjection attacksintrusion detectionioclateral movementlogin attacklogin brute forcemalicious activitymalicious softwaremalwaremalware distributionnetworknetwork attacksnetwork intrusionnetwork protocolnetwork securitynetwork service scanningnetwork trafficnetwork traffic analysisoceaniapassword attackpassword attackspassword sprayingphishingprocess injectionreconnaissanceremote accessresearchedscams & fraudscanscannersecurity operationssecurity policyservice scansmtpsmtp attackersshssh attackt1021t1021.004t1040t1046t1055t1059t1059.003t1059.004t1071t1071.001t1078t1078.002t1078.003t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1550t1550.002t1555t1555.003t1565t1567t1573t1573.001t1588t1588.002t1588.004t1589t1589.002t1595t1595.001t1595.002t1595.003tcp protocolthreat actorthreat intelligencethreat preventiontor nodevalid accountsvulnerability scanweb app attackweb application attackweb exploitation
Activity Timeline
Jun 7Jun 7
Threat ScoreMedium Risk
56
SIGNAL
Signal Score
56%
Confidence
23
Reports
First seenFeb 9, 2025
Last seenJun 7, 2026
GeolocationDE
CountryGermany
LocationStrasbourg, Hesse
ASNAS21499
OrgGCN SXB1
Coords50.1109, 8.6821
VirusTotal
Not checked
WHOIS
- description
- IPV4 hosts detected attempting to brute force SSH on private honeypot
- raw
- inetnum: 92.205.96.0 - 92.205.111.255 netname: DE-GD-EMEA-DCN country: DE admin-c: HM5126-RIPE tech-c: HM5126-RIPE status: SUB-ALLOCATED PA org: ORG-GDNB2-RIPE mnt-by: GODADDY-MNT created: 2022-08-08T23:19:06Z last-modified: 2022-08-08T23:19:06Z source: RIPE mnt-lower: MNT-HEG-MASS mnt-routes: MNT-HEG-MASS organisation: ORG-GDNB2-RIPE org-name: Go Daddy Netherlands B.V. org-type: OTHER address: H.J.E. Wenckebachweg 127 address: 1096 AM address: Amsterdam address: NETHERLANDS phone: +14805058809 fax-no: +14805058844 admin-c: JB12522-RIPE abuse-c: AR16180-RIPE mnt-ref: GODADDY-MNT mnt-ref: MNT-GDG-NL mnt-by: GODADDY-MNT created: 2019-06-03T08:36:52Z last-modified: 2019-06-04T07:31:45Z source: RIPE # Filtered role: HEG Mass address: HEG Mass address: Daimler Strasse 9-11 address: 50354 Huerth address: Germany phone: +49 2203 1045 0 admin-c: JUPP tech-c: JUPP nic-hdl: HM5126-RIPE mnt-by: MNT-HEG-MASS created: 2015-11-05T11:32:14Z last-modified: 2023-04-28T10:37:52Z source: RIPE # Filtered route: 92.205.96.0/20 origin: AS21499 mnt-by: GODADDY-MNT created: 2022-02-23T18:56:07Z last-modified: 2022-02-23T18:56:07Z source: RIPE descr: GCN SXB1
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 7 days ago
Appeared in 23 threat reports