← Back to feed

192.42.116.12

TAGGED SUSPICIOUS how we decide →

Threat Confidence

46%

Location

🇳🇱 NL

ASN

AS215125 · Church of Cyberology

Cloud Provider

—

Total Events

Below average by volume

Agent Count

First / Last Seen

2026-05-01 22:55 — 2026-05-01 22:55

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Initial Access

T1078

Credential Access

T1110 T1110.001

Discovery

T1016 T1082 T1083

Command and Control

T1105

External Corroboration

Blocklist.de

Reported 2026-05-02 02:01

blocklist_de:reported

Tor Exit Nodes

Reported 2026-05-01 15:27

tor:exit_node

Campaigns

Subnet 192.42.116.0/24 SUBNET Active high 🇳🇱 NL

12 IPs 132 events

http:scanssh:bruteforce

2026-04-11 — ongoing · 12 IPs from the same /24 subnet (192.42.116.0/24) were observed attacking our sensors within the same time window. …

Session Forensics

reconnaissance ×1

Sessions

1 (1 with login)

Avg Depth Score

0.6

Commands Executed

Files Downloaded

Notable Commands

echo "cat /proc/1/mounts && ls /proc/1/; curl2" | sh
cat /proc/1/mounts && ls /proc/1/; curl2
curl2

Fingerprints

HASSH

8c917104c76e94afaacd03d2f6016935

SSH Client

SSH-2.0-Go

Evidence Timeline

Reconnaissance 873a89fad390 newark_01 · 2026-05-01 22:55

3 1 60%

Loading events...