198.98.55.127 Threat Intelligence and Host Information

Share on:

May 31, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 198.98.55.127 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

Tags: cyber security, ioc, malicious, Nextray, phishing
View other sources: Spamhaus VirusTotal
Country: United States
Network:
Noticed: 29 times
Protocols Attacked: ntp
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: nc.mahodou.moe frens.mahodou.moe mahodou.moe www.mahodou.moe

Open Ports Detected

10000 10001 10005 10007 10011 10018 10019 10020 10023 10029 10030 10033 10038 10041 10044 10047 10049 10052 10065 10075 10080 10082 10087 10089 10093 10100 10123 10134 10180 10201 10210 10243 10249 10250 10251 10256 10302 10397 10399 10443 10445 10477 10554 10810 10909 10911 10935 10943 11000 11007 11027 11110 11112 11184 11210 11211 11288 11300 11371 11401 11434 11443 11680 11920 12000 12056 12082 12084 12101 12103 12104 12107 12110 12112 12118 12120 12122 12123 12127 12128 12129 12136 12140 12141 12146 12148 12149 12152 12160 12161 12167 12173 12174 12183 12192 12193 12194 12203 12207 12212 12219 12221 12222 12224 12225 12228 12229 12234 12240 12247 12259 12262 12263 12270 12278 12279 12282 12285 12287 12288 12289 12290 12291 12301 12302 12303 12308 12312 12320 12323 12328 12331 12332 12334 12335 12340 12345 12347 12348 12349 12350 12352 12365 12370 12372 12379 12388 12397 12401 12402 12403 12405 12412 12415 12416 12421 12424 12426 12427 12428 12429 12434 12437 12440 12448 12449 12450 12452 12455 12457 12458 12459 12466 12471 12473 12474 12480 12481 12488 12496 12498 12499 12511 12515 12516 12525 12527 12538 12539 12542 12543 12548 12550 12553 12554 12570 12573 12576 12581 12582 12584 12588 13082 13084 13443 13579 14084 14147 14182 14265 14344 14402 14407 14524 14825 14873 14875 14895 14901 15002 15018 15038 15044 15084 16005 16008 16010 16018 16019 16025 16026 16028 16029 16030 16032 16035 16037 16041 16044 16046 16049 16050 16052 16058 16059 16060 16066 16067 16069 16073 16075 16077 16083 16086 16088 16089 16092 16093 16095 16102 16104 16316 16601 16992 16993 17000 17001 17020 17084 17443 17772 17773 17777 17780 18000 18001 18003 18004 18009 18010 18015 18020 18021 18027 18032 18035 18037 18042 18045 18047 18049 18052 18056 18058 18061 18062 18070 18075 18076 18081 18093 18102 18106 18112 18182 18239 18245 18264 18556 18802 18888 19000 19016 19017 19071 19082 19200 20000 20001 20018 20030 20070 20084 20090 20107 20121 20182 20185 20200 20208 20256 20325 20440 20443 20512 20547 20800 20880 20892 20894 20900 21025 21082 21083 21084 21200 21233 21242 21243 21247 21248 21251 21252 21255 21256 21257 21260 21264 21272 21275 21278 21282 21288 21292 21294 21295 21306 21307 21308 21311 21312 21316 21319 21323 21325 21327 21357 21379 21500 21935 22 22000 22084 22103 22107 22556 22705 23023 23082 23128 23424 24082 24808 25004 25006 25007 25010 25084 25105 25565 25952 27015 27017 27105 28001 28015 28017 28080 29799 30002

Map

Whois Information

NetRange: 198.98.48.0 - 198.98.63.255
CIDR: 198.98.48.0/20
NetName: PONYNET-06
NetHandle: NET-198-98-48-0-1
Parent: NET198 (NET-198-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS53667
Organization: FranTech Solutions (SYNDI-5)
RegDate: 2012-07-05
Updated: 2012-07-05
Ref: https://rdap.arin.net/registry/ip/198.98.48.0
OrgName: FranTech Solutions
OrgId: SYNDI-5
Address: 1621 Central Ave
City: Cheyenne
StateProv: WY
PostalCode: 82001
Country: US
RegDate: 2010-07-21
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/SYNDI-5
OrgTechHandle: FDI19-ARIN
OrgTechName: Dias, Francisco
OrgTechPhone: +1-778-977-8246
OrgTechEmail: admin@frantech.ca
OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
OrgAbuseHandle: FDI19-ARIN
OrgAbuseName: Dias, Francisco
OrgAbusePhone: +1-778-977-8246
OrgAbuseEmail: admin@frantech.ca
OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs