← Back to feed

91.92.40.10

TAGGED MALICIOUS how we decide →

Threat Confidence

59%

Location

🇳🇱 NL / Eygelshoven

ASN

AS197170 · TechTies Inc.

Cloud Provider

—

Total Events

259

Above average by volume

Agent Count

First / Last Seen

2026-06-21 09:44 — 2026-06-21 10:32

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595 T1595.002

Initial Access

T1078

Execution

T1059.004

Credential Access

T1110 T1110.001

Discovery

T1046 T1082 T1083

External Corroboration

Blocklist.de

Reported 2026-06-21 12:03

blocklist_de:reported

DShield Top Attackers

Reported 2026-06-21 12:01

dshield:top_attacker

Campaigns

Subnet 91.92.40.0/24 SUBNET Active high 🇳🇱 NL

16 IPs 17041 events

ftp:bruteforcessh:bruteforce

2026-06-10 — ongoing · 16 IPs from the same /24 subnet (91.92.40.0/24) were observed attacking our sensors within the same time window. …

Session Forensics

scanner ×1 credential_probe ×1 interactive_operator ×21

Sessions

23 (21 with login)

Avg Depth Score

0.84

Commands Executed

105

Files Downloaded

Notable Commands

export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null); arch=$(uname -m 2>/dev/null); uptime=$(cat /proc/uptime 2>/dev/null | cut -d. -f1); cpus=$( (nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || grep -c "^processor" /proc/cpuinfo 2>/dev/null) | head -1); cpu_model=$( (grep -m1 -E "model name|Hardware" /proc/cpuinfo | cut -d: -f2- | sed 's/^ *//;s/ *$//' ; lscpu 2>/dev/null | awk -F: '/Model name/ {gsub(/^ +| +$/,"",$2); print $2; exit}' ; dmidecode -s processor-version 2>/dev/null | head -n1 ; uname -p 2>/dev/null) | awk 'NF{print; exit}' ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia) 2>/dev/null | head -n50); cat_help=$( (cat --help 2>&1 | tr '\n' ' ') || cat --help 2>&1); ls_help=$( (ls --help 2>&1 | tr '\n' ' ') || ls --help 2>&1); last_output=$(last 2>/dev/null | head -n 10); echo "UNAME:$uname"; echo "ARCH:$arch"; echo "UPTIME:$uptime"; echo "CPUS:$cpus"; echo "CPU_MODEL:$cpu_model"; echo "GPU:$gpu_info"; echo "CAT_HELP:$cat_help"; echo "LS_HELP:$ls_help"; echo "LAST:$last_output"
uname -s -v -n -m 2 > /dev/null
uname -m 2 > /dev/null
cat /proc/uptime 2 > /dev/null | cut -d. -f1
cut -d. -f1

Fingerprints

HASSH

2ec37a7cc8daf20b10e1ad6221061ca5

SSH Client

SSH-2.0-Go

Evidence Timeline

Interactive Operator 81bc93cf7027 w4m_seattle_01 · 2026-06-21 10:32

5 1 90%

Loading events...

Interactive Operator 749590a44f90 w4m_seattle_01 · 2026-06-21 10:30

5 1 90%

Loading events...

Interactive Operator f09c2e05f66e w4m_seattle_01 · 2026-06-21 10:28

5 1 90%

Loading events...

Interactive Operator b48688c5c283 w4m_seattle_01 · 2026-06-21 10:27

5 1 90%

Loading events...

Interactive Operator 5d1707f46bc8 w4m_seattle_01 · 2026-06-21 10:25

5 1 90%

Loading events...

Interactive Operator 5f13521e315d w4m_seattle_01 · 2026-06-21 10:23

5 1 90%

Loading events...

Interactive Operator 907a1d175fca w4m_seattle_01 · 2026-06-21 10:21

5 1 90%

Loading events...

Interactive Operator 03863ca5b04c w4m_seattle_01 · 2026-06-21 10:20

5 1 90%

Loading events...

Interactive Operator 2625853b43f9 w4m_seattle_01 · 2026-06-21 10:18

5 1 90%

Loading events...

Interactive Operator b40e9f83614a w4m_seattle_01 · 2026-06-21 10:16

5 1 90%

Loading events...

Interactive Operator 03d22cf5b0e8 w4m_seattle_01 · 2026-06-21 10:14

5 1 90%

Loading events...

Interactive Operator 8e011343177b w4m_seattle_01 · 2026-06-21 10:12

5 1 90%

Loading events...

Interactive Operator 7c89432a1cfa w4m_seattle_01 · 2026-06-21 10:10

5 1 90%

Loading events...

Interactive Operator 3afe6e4e6346 w4m_seattle_01 · 2026-06-21 10:08

5 1 90%

Loading events...

Interactive Operator b5872b975a91 w4m_seattle_01 · 2026-06-21 10:06

5 1 90%

Loading events...

Interactive Operator 29d0de437f5e w4m_seattle_01 · 2026-06-21 10:04

5 1 90%

Loading events...

Credential Probe 1a8bc872c642 w4m_seattle_01 · 2026-06-21 10:03

1 20%

Loading events...

Interactive Operator c93f0946c149 w4m_seattle_01 · 2026-06-21 10:01

5 1 90%

Loading events...

Interactive Operator fc4a1670d2b4 w4m_seattle_01 · 2026-06-21 09:59

5 1 90%

Loading events...

Interactive Operator 4aeb6458c4dc w4m_seattle_01 · 2026-06-21 09:57

5 1 90%

Loading events...

Interactive Operator e71409a2d2e4 w4m_seattle_01 · 2026-06-21 09:55

5 1 90%

Loading events...

Interactive Operator e81daee6476f w4m_seattle_01 · 2026-06-21 09:53

5 1 90%

Loading events...

Scanner 00f0cad2dd4a w4m_seattle_01 · 2026-06-21 09:44

15%

Loading events...