216.21.224.199 Threat Intelligence and Host Information

General

IP Address: 216.21.224.199 (IPv4 Address)
Location: 🇺🇸 United States (US)
Network: AS19871 NETWORK-SOLUTIONS-HOSTING
Threat Score: 75/100 (Critical)
Attack Intelligence
MITRE ATT&CK Techniques
T1023 - Shortcut Modification, T1045 - Software Packing, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1057 - Process Discovery, T1060 - Registry Run Keys / Startup Folder, T1071.001 - Web Protocols, T1071.004 - DNS, T1071 - Application Layer Protocol, T1083 - File and Directory Discovery, T1089 - Disabling Security Tools, T1105 - Ingress Tool Transfer, T1112 - Modify Registry, T1114.002 - Remote Email Collection, T1129 - Shared Modules, T1158 - Hidden Files and Directories, T1204 - User Execution, T1210 - Exploitation of Remote Services, T1222.002 - Linux and Mac File and Directory Permissions Modification, T1553.002 - Code Signing, T1553 - Subvert Trust Controls, T1566 - Phishing, T1568.002 - Domain Generation Algorithms, T1568 - Dynamic Resolution, T1574.008 - Path Interception by Search Order Hijacking, T1583.001 - Domains, T1583.005 - Botnet, T1583 - Acquire Infrastructure, TA0002 - Execution, TA0003 - Persistence, TA0004 - Privilege Escalation, TA0005 - Defense Evasion, TA0007 - Discovery, TA0011 - Command and Control
Open Ports Detected
80
Geographic Location
Country: United States
City: Unknown
Region: Unknown
Coordinates: 37.7510, -97.8220
Network Information
ASN: AS19871
Organization: NETWORK-SOLUTIONS-HOSTING
Network: AS19871 NETWORK-SOLUTIONS-HOSTING
WHOIS Information
NetRange: 216.21.224.0 - 216.21.227.255
CIDR: 216.21.224.0/22
NetName: RCOM-1BLK
NetHandle: NET-216-21-224-0-1
Parent: NET216 (NET-216-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Register.com, Inc (REG)
RegDate: 1999-09-08
Updated: 2024-11-25
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Ref: https://rdap.arin.net/registry/entity/REG
OrgName: Register.com, Inc
OrgId: REG
Address: 5335 Gate Parkway
City: Jacksonville
StateProv: FL
PostalCode: 32256
Country: US
OrgNOCHandle: CUSTO-ARIN
OrgNOCName: Customer Service
OrgNOCPhone: +1-800-899-9724
OrgNOCEmail: noc@web.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CUSTO-ARIN

  • Country: United States
  • Network:
  • Noticed: 5 times
  • Protocols Attacked: SSH
  • Countries Attacked: Germany, Netherlands, United States of America

Malware Detected on Host

Count: 148

Disclaimer
This page contains threat intelligence information for the IPv4 address 216.21.224.199 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observations of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.