IOC Radar
IP · Medium · Signal 66/100

198.98.55.71

Location
United States
New York, New York
ASN
AS53667
FranTech Solutions
First Seen
Oct 23, 2025
Last Seen
Jun 12, 2026
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

57 techniques

Network Information

Country: US (United States)
Region: New York, New York
ASN: AS53667
Organization: FranTech Solutions

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

23 reports · 66% confidence

Activity Timeline

1 total obs
Jun 12 to Jun 12

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun of the following year; scale Less to More]
24h: 1 (Minimal)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 66 (Medium Risk)
Signal Score: 66
Confidence: 66%
Reports: 23
First seen: Oct 23, 2025
Last seen: Jun 12, 2026
Geolocation: US
Country: United States
Location: New York, New York
ASN: AS53667
Org: FranTech Solutions
Coords: 40.6032, -74.1819
Proxy, VPN

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]


IOC Journey

medium
First detected 7 months ago · Last seen today
Appeared in 23 threat reports