← Back to feed
AS53667 FranTech Solutions
ASN Active mediumWhy this campaign was detected
5 IPs from the same network (FranTech Solutions, AS53667) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS53667 · FranTech Solutions
Subnet
—
Country
πΊπΈ US
Cloud Provider
—
Member Count
5 IPs
Below average
Total Events
3154
Below average by volume
Started / Ended
2026-02-16 19:17 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 209.141.47.217 | credential_harvester | 76% | 1x OSINT | 1614 | 3 | ssh:bruteforce | a | 2026-07-13 15:23 | evidence → |
| 104.244.74.84 | credential_harvester | 72% | 1x OSINT | 1226 | 3 | ssh:bruteforce | β | 2026-07-11 04:15 | evidence → |
| 199.195.251.168 | credential_harvester | 41% | 90 | 2 | ssh:bruteforce | β | 2026-07-15 22:37 | evidence → | |
| 209.141.33.207 | credential_harvester | 33% | 146 | 2 | ssh:bruteforce | β | 2026-07-03 08:05 | evidence → | |
| 199.195.252.227 | reconnaissance | 29% | 64 | 1 | ssh:bruteforce | β | 2026-07-11 17:26 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds