198.55.98.107 Threat Intelligence and Host Information

Jul 16, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 198.55.98.107 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

Mitre ATT&CK IDs: T1110 - Brute Force
Tags: Adbhoney, brute force, brute-force, Bruteforce, Brute-Force, cisco, cowrie, dionaea, heralding, honeytrap, LAMP, malicious, sentrypeer, sftp, sip, ssh, SSH, T-Pot, virustotal
View other sources: Spamhaus VirusTotal

Country: United States
Network:
Noticed: 16 times
Protocols Attacked: ssh
Countries Attacked: Australia

Malware Detected on Host

Count: 5 ba52d6be8ed36f539c0418a9cff30da7166be2b5620afd5a9323e60811ba802e 3ec06b04581a5ccc11d85758a2b2006e0c27a7902bf894fa9a45752f2b446fba 49e6ffca16370734ec3b02cb18a87ac4cba79541d41db67f562b8fdeecdfa800 710f92685fb9c4eae2e7f36bbd175c1a831bcc3a8fc6beea9b33f5dc0a564d91 df0eb61b97d766173fe6d228d35ca2c31ba22d0a714f6740d6ee928ed2c924be

Open Ports Detected

22 666 81

Map

Whois Information

NetRange: 198.55.96.0 - 198.55.127.255
CIDR: 198.55.96.0/19
NetName: HOSTP-7
NetHandle: NET-198-55-96-0-1
Parent: NET198 (NET-198-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS36352
Organization: HostPapa (HOSTP-7)
RegDate: 2025-01-30
Updated: 2025-05-14
Comment: Geofeed https://geofeeds.oniaas.io/geofeeds.csv
Ref: https://rdap.arin.net/registry/ip/198.55.96.0
OrgName: HostPapa
OrgId: HOSTP-7
Address: 325 Delaware Avenue
Address: Suite 300
City: Buffalo
StateProv: NY
PostalCode: 14202
Country: US
RegDate: 2016-06-06
Updated: 2024-04-26
Ref: https://rdap.arin.net/registry/entity/HOSTP-7
OrgAbuseHandle: NETAB23-ARIN
OrgAbuseName: NETABUSE
OrgAbusePhone: +1-905-315-3455
OrgAbuseEmail: net-abuse-global@hostpapa.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NETAB23-ARIN
OrgTechHandle: NETTE9-ARIN
OrgTechName: NETTECH
OrgTechPhone: +1-905-315-3455
OrgTechEmail: net-tech-global@hostpapa.com
OrgTechRef: https://rdap.arin.net/registry/entity/NETTE9-ARIN
NetRange: 198.55.98.0 - 198.55.98.255
CIDR: 198.55.98.0/24
NetName: SITL-8
NetHandle: NET-198-55-98-0-1
Parent: HOSTP-7 (NET-198-55-96-0-1)
NetType: Reallocated
OriginAS: AS214940
Organization: Virtualine Technologies (SITL-8)
RegDate: 2025-05-12
Updated: 2025-06-12
Ref: https://rdap.arin.net/registry/ip/198.55.98.0
OrgName: Virtualine Technologies
OrgId: SITL-8
Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
City: London
StateProv:
PostalCode: WC2H 9JQ
Country: GB
RegDate: 2024-09-05
Updated: 2024-09-11
Comment: Report your complaint:
Comment: abuse@virtualine.org
Ref: https://rdap.arin.net/registry/entity/SITL-8
OrgTechHandle: VAD36-ARIN
OrgTechName: VIRTUALINE ABUSE DEPARTMENT
OrgTechPhone: +447458164463
OrgTechEmail: abuse@virtualine.org
OrgTechRef: https://rdap.arin.net/registry/entity/VAD36-ARIN
OrgAbuseHandle: VAD36-ARIN
OrgAbuseName: VIRTUALINE ABUSE DEPARTMENT
OrgAbusePhone: +447458164463
OrgAbuseEmail: abuse@virtualine.org
OrgAbuseRef: https://rdap.arin.net/registry/entity/VAD36-ARIN

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-07-16

Share on: