209.141.56.48 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 209.141.56.48 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Known Malicious Host 🔴 80/100

Host and Network Information

• Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

• Tags: attack, Bruteforce, Brute-Force, cowrie, cyber security, ioc, login, malicious, Nextray, phishing, scanner, ssh, SSH, Telnet

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: blocklist_de, blocklist_de_ssh, blocklist_de_strongips, blocklist_net_ua, greensnow, haley_ssh

• Country: United States
• Network:
• Noticed: 50 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: node.yinriver.top www.xn--mes358ac7d6z2c.xyz xn–mes358ac7d6z2c.xyz status.xn–mes358ac7d6z2c.xyz v4.nuevo009.link vs.nuevo009.link

Open Ports Detected

102 1023 104 1099 110 1119 113 1177 1180 119 1207 122 1235 13 1337 135 139 1433 1450 1521 1554 1599 1604 17 1741 175 177 1800 1801 1883 1911 1926 1935 1962 1970 1976 1978 1985 2 20 2002 2003 2008 2016 2048 2068 2077 2081 2083 2085 2086 2087 21 2108 2181 2195 22 221 2222 2224 23 2323 2327 2332 2345 2375 2379 2404 2433 2455 2548 2552 2569 26 264 2761 2762 3001 3008 3011 3012 3015 3050 3054 3056 3057 3061 3065 3067 3073 3077 3079 3082 3084 3085 3090 3095 3100 3108 311 3118 3125 3126 3128 3137 314 3141 3143 3154 3175 3181 3200 3260 3299 3301 3306 3310 3333 3341 3342 3345 3388 3406 3410 343 3460 3479 3503 3524 3549 3551 3552 3563 3570 3749 3790 385 389 3910 3954 4022 4064 4080 4095 4118 4150 4155 4165 4242 4243 427 4282 43 4343 4369 443 4433 4434 444 4443 4444 4461 4506 4567 461 4643 4664 4700 4734 4782 4840 4848 487 4899 49 4911 4999 5001 5005 5006 5007 5011 502 5025 503 513 515 5201 5227 5234 5235 5238 5241 5244 5252 5254 5269 5270 5278 5357 5431 5432 5435 548 554 5555 5560 5592 5595 5601 5602 5672 5678 5721 5800 5801 5804 5858 5900 5901 5906 5909 5914 5919 5920 5985 5986 6000 6001 6002 6007 6008 6022 6050 631 632 6405 6443 6511 6633 6653 666 6664 6667 6668 6688 6799 70 7001 7004 7011 7012 7014 7015 7071 7078 7080 7171 7218 7272 7401 7415 7433 7434 7443 7548 7634 7657 7700 777 7777 789 79 7900 7989 7998 8004 8006 8007 8008 8009 8010 8012 8016 8017 8018 8027 8030 8055 8058 8059 8060 8069 8081 8085 8086 8087 8089 8090 8096 8098 8104 8108 8110 8112 8115 8123 8128 8139 8172 8181 8187 8188 8197 8200 8241 8250 8284 8291 83 8317 8319 8333 8334 8383 8388 84 8404 8422 843 8432 8440 8443 8447 8480 8482 8502 8510 8545 8554 8561 8563 8574 8584 8593 8595 8607 8649 8663 8703 8723 8728 8732 8743 8779 8784 88 8808 8817 8818 8829 8834 8853 8862 8866 8870 8871 8872 8873 8877 8880 8882 8887 8888 8889 8890 8900 8902 8905 8916 8980 8990 8999 9000 9001 9009 9012 9013 9019 9025 9041 9047 9048 9051 9063 9075 9082 9086 9090 9091 9095 9117 9125 9129 9143 9145 9147 9171 9172 9173 9179 9182 9186 9197 9199 9200 9223 9253 9283 9291 9299 9306 9307 9309 9333 9383 9393 9410 9418 9433 9454 9488 9515 9527 953 9595 9600 9800 9811 9869 9876 9898 9916 992 993 994 995 9981 9993 9997 9998 9999

Map

Whois Information

• NetRange: 209.141.32.0 - 209.141.63.255
• CIDR: 209.141.32.0/19
• NetName: PONYNET-04
• NetHandle: NET-209-141-32-0-1
• Parent: NET209 (NET-209-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS53667
• Organization: FranTech Solutions (SYNDI-5)
• RegDate: 2011-01-27
• Updated: 2012-03-25
• Ref: https://rdap.arin.net/registry/ip/209.141.32.0
• OrgName: FranTech Solutions
• OrgId: SYNDI-5
• Address: 1621 Central Ave
• City: Cheyenne
• StateProv: WY
• PostalCode: 82001
• Country: US
• RegDate: 2010-07-21
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/SYNDI-5
• OrgAbuseHandle: FDI19-ARIN
• OrgAbuseName: Dias, Francisco
• OrgAbusePhone: +1-778-977-8246
• OrgAbuseEmail: admin@frantech.ca
• OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• OrgTechHandle: FDI19-ARIN
• OrgTechName: Dias, Francisco
• OrgTechPhone: +1-778-977-8246
• OrgTechEmail: admin@frantech.ca
• OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

bruteforce-ip-list-2023-01-22 bruteforce-ip-list-2023-01-24 bruteforce-ip-list-2022-10-15 bruteforce-ip-list-2022-11-18 bruteforce-ip-list-2023-01-12 bruteforce-ip-list-2023-01-13 bruteforce-ip-list-2023-01-15 bruteforce-ip-list-2023-03-16 bruteforce-ip-list-2023-03-25 bruteforce-ip-list-2023-03-30 bruteforce-ip-list-2023-03-31 bruteforce-ip-list-2023-04-03 bruteforce-ip-list-2022-09-25 bruteforce-ip-list-2022-09-30 bruteforce-ip-list-2022-11-05 bruteforce-ip-list-2022-11-07 bruteforce-ip-list-2023-02-16 bruteforce-ip-list-2023-03-04 bruteforce-ip-list-2023-04-01 bruteforce-ip-list-2022-12-31 bruteforce-ip-list-2023-01-06 bruteforce-ip-list-2022-10-02 bruteforce-ip-list-2022-10-10 bruteforce-ip-list-2022-10-11 bruteforce-ip-list-2022-10-27 bruteforce-ip-list-2022-11-06 bruteforce-ip-list-2022-11-24 bruteforce-ip-list-2022-12-29 bruteforce-ip-list-2023-01-23 bruteforce-ip-list-2023-01-27 bruteforce-ip-list-2023-01-30 bruteforce-ip-list-2022-09-27 bruteforce-ip-list-2022-10-14 bruteforce-ip-list-2022-10-19 bruteforce-ip-list-2022-10-20 bruteforce-ip-list-2023-03-15 bruteforce-ip-list-2023-03-19 ****** ****** bruteforce-ip-list-2022-12-11 bruteforce-ip-list-2022-12-12 bruteforce-ip-list-2022-10-01 bruteforce-ip-list-2022-10-04 bruteforce-ip-list-2022-10-13 bruteforce-ip-list-2022-10-25 bruteforce-ip-list-2022-11-04 bruteforce-ip-list-2023-01-21 bruteforce-ip-list-2023-02-12 bruteforce-ip-list-2023-02-13 bruteforce-ip-list-2022-12-25 bruteforce-ip-list-2023-03-23 bruteforce-ip-list-2022-12-07 bruteforce-ip-list-2022-12-10 bruteforce-ip-list-2022-10-03 bruteforce-ip-list-2022-10-22 bruteforce-ip-list-2022-11-11 bruteforce-ip-list-2023-01-10 bruteforce-ip-list-2023-01-16 bruteforce-ip-list-2023-03-05 bruteforce-ip-list-2022-12-24 bruteforce-ip-list-2023-03-28 bruteforce-ip-list-2022-12-08 bruteforce-ip-list-2022-12-09 bruteforce-ip-list-2023-01-05 bruteforce-ip-list-2022-09-28 bruteforce-ip-list-2022-09-29 bruteforce-ip-list-2022-10-09 bruteforce-ip-list-2022-11-27 bruteforce-ip-list-2023-01-08 bruteforce-ip-list-2023-02-06 bruteforce-ip-list-2023-02-14 bruteforce-ip-list-2023-02-18 bruteforce-ip-list-2023-02-21 bruteforce-ip-list-2023-03-13 bruteforce-ip-list-2023-03-20 bruteforce-ip-list-2023-01-02 bruteforce-ip-list-2022-10-21 bruteforce-ip-list-2022-10-28 bruteforce-ip-list-2022-11-01 bruteforce-ip-list-2022-11-28 bruteforce-ip-list-2023-02-04 bruteforce-ip-list-2023-02-15 bruteforce-ip-list-2023-01-03 bruteforce-ip-list-2023-01-28 bruteforce-ip-list-2022-11-08 bruteforce-ip-list-2023-01-07 bruteforce-ip-list-2023-01-14 bruteforce-ip-list-2023-01-19 bruteforce-ip-list-2023-02-02 bruteforce-ip-list-2023-03-01 bruteforce-ip-list-2022-11-10 bruteforce-ip-list-2022-11-29 bruteforce-ip-list-2022-12-27 bruteforce-ip-list-2023-01-29 bruteforce-ip-list-2022-10-07 bruteforce-ip-list-2022-10-12 bruteforce-ip-list-2023-02-01 bruteforce-ip-list-2023-02-28 bruteforce-ip-list-2023-03-06 bruteforce-ip-list-2022-12-13 bruteforce-ip-list-2023-04-02 bruteforce-ip-list-2022-09-22 bruteforce-ip-list-2022-10-05 bruteforce-ip-list-2022-10-18 bruteforce-ip-list-2022-10-24 bruteforce-ip-list-2022-11-16 bruteforce-ip-list-2023-01-31 bruteforce-ip-list-2022-09-24 bruteforce-ip-list-2022-10-23 bruteforce-ip-list-2022-11-09 bruteforce-ip-list-2023-03-21 bruteforce-ip-list-2023-01-01 bruteforce-ip-list-2022-10-26 bruteforce-ip-list-2023-03-22 bruteforce-ip-list-2023-03-27 bruteforce-ip-list-2022-12-04 bruteforce-ip-list-2022-12-14 bruteforce-ip-list-2022-12-28 bruteforce-ip-list-2022-09-26 bruteforce-ip-list-2022-11-14 bruteforce-ip-list-2022-11-15 bruteforce-ip-list-2023-02-05 bruteforce-ip-list-2023-02-20 bruteforce-ip-list-2023-03-24 bruteforce-ip-list-2023-03-29 bruteforce-ip-list-2022-12-23 bruteforce-ip-list-2022-12-30 bruteforce-ip-list-2023-01-04 bruteforce-ip-list-2022-11-17 bruteforce-ip-list-2023-01-17 bruteforce-ip-list-2023-02-17 bruteforce-ip-list-2023-03-12 bruteforce-ip-list-2023-04-04 ****** bruteforce-ip-list-2023-01-25 bruteforce-ip-list-2023-01-26 bruteforce-ip-list-2022-09-23 bruteforce-ip-list-2022-11-03 bruteforce-ip-list-2022-11-12 bruteforce-ip-list-2022-11-13 bruteforce-ip-list-2023-01-20 bruteforce-ip-list-2023-02-03 bruteforce-ip-list-2023-02-19 bruteforce-ip-list-2023-01-11 bruteforce-ip-list-2023-03-26 bruteforce-ip-list-2022-12-05 bruteforce-ip-list-2022-10-16 bruteforce-ip-list-2022-10-17 bruteforce-ip-list-2023-01-09 bruteforce-ip-list-2023-03-07 ****** bruteforce-ip-list-2022-12-22 bruteforce-ip-list-2022-12-26 bruteforce-ip-list-2022-10-08 bruteforce-ip-list-2023-01-18 bruteforce-ip-list-2023-02-27 bruteforce-ip-list-2022-12-06 bruteforce-ip-list-2022-11-02 bruteforce-ip-list-2022-11-19 bruteforce-ip-list-2023-03-14