199.195.250.45 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Bruteforce, Nextray, SSH, Telnet, attack, brute-force, bruteforce, cowrie, cyber security, ioc, last update, login, malicious, phishing, scanner, ssh, tcp, telnet, unique count, windows server
  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: et_compromised

  • Country: United States of America
  • Network: AS53667 frantech solutions
  • Noticed: 44 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 6

Whois Information

  • NetRange: 199.195.248.0 - 199.195.255.255
  • CIDR: 199.195.248.0/21
  • NetName: PONYNET-05
  • NetHandle: NET-199-195-248-0-1
  • Parent: NET199 (NET-199-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS53667
  • Organization: FranTech Solutions (SYNDI-5)
  • RegDate: 2012-06-06
  • Updated: 2012-06-06
  • Ref: https://rdap.arin.net/registry/ip/199.195.248.0
  • OrgName: FranTech Solutions
  • OrgId: SYNDI-5
  • Address: 1621 Central Ave
  • City: Cheyenne
  • StateProv: WY
  • PostalCode: 82001
  • Country: US
  • RegDate: 2010-07-21
  • Updated: 2017-01-28
  • Ref: https://rdap.arin.net/registry/entity/SYNDI-5
  • OrgAbuseHandle: FDI19-ARIN
  • OrgAbuseName: Dias, Francisco
  • OrgAbusePhone: +1-778-977-8246
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • OrgTechHandle: FDI19-ARIN
  • OrgTechName: Dias, Francisco
  • OrgTechPhone: +1-778-977-8246
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

  • awsau-ssh-bruteforce-ip-list-2022-02-16
  • awsau-ssh-bruteforce-ip-list-2022-02-17
  • bruteforce-ip-list-2022-02-24
  • awsau-ssh-bruteforce-ip-list-2022-02-20
  • bruteforce-ip-list-2022-02-22