198.98.57.230 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Tags: Nextray, SSH, TOR, Telnet, VPN, anna paula, associated, attack, currc3adculo, cyber security, from email, headers, ioc, login, malicious, malspam email, msi file, phishing, probing, scanner, scanning, tuesday, utf8, webscan, webscanner bruteforce web app attack, zip archive
  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: blocklist_net_ua, haley_ssh, sblam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d, tor_exits, tor_exits_1d, tor_exits_30d, tor_exits_7d

  • Country: United States of America
  • Network: AS53667 frantech solutions
  • Noticed: 50 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 10

Whois Information

  • NetRange: 198.98.48.0 - 198.98.63.255
  • CIDR: 198.98.48.0/20
  • NetName: PONYNET-06
  • NetHandle: NET-198-98-48-0-1
  • Parent: NET198 (NET-198-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS53667
  • Organization: FranTech Solutions (SYNDI-5)
  • RegDate: 2012-07-05
  • Updated: 2012-07-05
  • Ref: https://rdap.arin.net/registry/ip/198.98.48.0
  • OrgName: FranTech Solutions
  • OrgId: SYNDI-5
  • Address: 1621 Central Ave
  • City: Cheyenne
  • StateProv: WY
  • PostalCode: 82001
  • Country: US
  • RegDate: 2010-07-21
  • Updated: 2017-01-28
  • Ref: https://rdap.arin.net/registry/entity/SYNDI-5
  • OrgTechHandle: FDI19-ARIN
  • OrgTechName: Dias, Francisco
  • OrgTechPhone: +1-778-977-8246
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • OrgAbuseHandle: FDI19-ARIN
  • OrgAbuseName: Dias, Francisco
  • OrgAbusePhone: +1-778-977-8246
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

aws-ssh-bruteforce-ip-list-2021-05-11