← Back to feed
AS198584 PIO-Hosting GmbH
ASN Active mediumWhy this campaign was detected
5 IPs from the same network (PIO-Hosting GmbH, AS198584) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS198584 · PIO-Hosting GmbH
Subnet
—
Country
🇩🇪 DE
Cloud Provider
—
Member Count
5 IPs
Below average
Total Events
86
Below average by volume
Started / Ended
2026-05-03 16:10 — ongoing
Attack Types
MITRE ATT&CK Techniques
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 103.161.34.162 | credential_harvester | 48% | 1x OSINT | 20 | 2 | ssh:bruteforce | — | 2026-05-08 23:17 | evidence → |
| 195.62.32.180 | credential_probe | 41% | 1x OSINT | 28 | 2 | ssh:bruteforce | — | 2026-05-09 03:24 | evidence → |
| 195.62.32.212 | credential_probe | 39% | 1x OSINT | 12 | 2 | ssh:bruteforce | — | 2026-05-08 19:40 | evidence → |
| 194.120.230.28 | credential_probe | 34% | 24 | 2 | ssh:bruteforce | — | 2026-05-08 08:13 | evidence → | |
| 92.246.87.54 | credential_probe | 30% | 1x OSINT | 14 | 1 | ssh:bruteforce | — | 2026-05-09 02:40 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds