IP · Medium · Signal 57/100
209.141.46.83
Location
Las Vegas, Nevada
ASN
AS53667
FranTech Solutions
First Seen
Jul 27, 2024
Last Seen
Jun 11, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
57%
Signal Score
57 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
United States
Region: Las Vegas, Nevada
ASN: AS53667
Organization: FranTech Solutions
Feed Intelligence Summary
10 reports, 57% confidence
10
Source reports
57%
Confidence score
Category tags
Activity Timeline (Jun 11 to Jun 11)
Threat Activity Heatmap (scale: Less to More; rows: Mon, Wed, Fri)
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 57
Confidence: 57%
Reports: 10
First seen: Jul 27, 2024
Last seen: Jun 11, 2026
Geolocation: US
Country: United States
Location: Las Vegas, Nevada
ASN: AS53667
Org: FranTech Solutions
Coords: 36.1697, -115.1236
VirusTotal
Not checked
WHOIS
- description
- CC=US ASN=AS53667 PONYNET
IOC Journey
Medium · First detected 1 year ago · Last seen 1 day ago
Appeared in 10 threat reports