199.195.253.241 Threat Intelligence and Host Information

Share on:

Feb 28, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

Tags: Malicious IP, Portscan, Telnet, blacklist, botnet, bruteforce, cowrie, fail2ban, labels, mirai, nmap, portscan, scan, sensor2, site2, tcp, telnet, tsec
View other sources: Spamhaus VirusTotal
Contained within other IP sets: haley_ssh
Country: United States of America
Network: AS53667 frantech solutions
Noticed: 34 times
Protcols Attacked: SSH
Passive DNS Results: aninakuna.com

Malware Detected on Host

Count: 3 56bd30906af00ae1251a3c2e22f9dd96d18be3832cb2298f1ee58879f060c702 358e13efee8652c537b6be0198a6bfb7760647b269e55a47fc99be13dda952ec 0034a97d40bf211ffd76f12931e86180cbee0cae280d9bcc54ddf69400912c47

Map

Whois Information

NetRange: 199.195.248.0 - 199.195.255.255
CIDR: 199.195.248.0/21
NetName: PONYNET-05
NetHandle: NET-199-195-248-0-1
Parent: NET199 (NET-199-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS53667
Organization: FranTech Solutions (SYNDI-5)
RegDate: 2012-06-06
Updated: 2012-06-06
Ref: https://rdap.arin.net/registry/ip/199.195.248.0
OrgName: FranTech Solutions
OrgId: SYNDI-5
Address: 1621 Central Ave
City: Cheyenne
StateProv: WY
PostalCode: 82001
Country: US
RegDate: 2010-07-21
Updated: 2017-01-28
Ref: https://rdap.arin.net/registry/entity/SYNDI-5
OrgTechHandle: FDI19-ARIN
OrgTechName: Dias, Francisco
OrgTechPhone: +1-778-977-8246
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
OrgAbuseHandle: FDI19-ARIN
OrgAbuseName: Dias, Francisco
OrgAbusePhone: +1-778-977-8246
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

ntp-bruteforce-ip-list-2022-07-11 ntp-bruteforce-ip-list-2022-07-15