IntrusionLabs IntrusionLabs
← Back to feed

AS53667 FranTech Solutions

ASN Active medium
Why this campaign was detected
16 IPs from the same network (FranTech Solutions, AS53667) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS53667 · FranTech Solutions
Subnet
Country
πŸ‡ΊπŸ‡Έ US
Cloud Provider
Member Count
16 IPs
Below average
Total Events
5016
Below average by volume
Started / Ended
2026-02-16 19:17 — ongoing
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
T1595 T1595.002
Initial Access
T1078
Credential Access
T1110 T1110.001
Discovery
T1016 T1046 T1082
Command and Control
T1105
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
198.98.62.211 credential_harvester 72% 1x OSINT 1212 3 ssh:bruteforce contentws.icloud.com 2026-05-05 05:10 evidence →
198.98.55.71 credential_harvester 63% 1x OSINT 1136 2 ssh:bruteforce β€” 2026-05-08 14:37 evidence →
198.98.56.227 credential_harvester 63% 1x OSINT 1568 2 ssh:bruteforce mail.brycev.xyz 2026-05-08 07:37 evidence →
45.61.187.220 credential_harvester 57% 1x OSINT 791 2 ssh:bruteforce node3.anycasthub.com 2026-05-05 11:11 evidence →
198.98.60.130 credential_harvester 50% 1x OSINT 102 2 ssh:bruteforce β€” 2026-05-11 16:54 evidence →
198.98.56.215 credential_harvester 40% 40 2 ssh:bruteforce β€” 2026-05-09 16:08 evidence →
209.141.34.44 credential_probe 35% 1x OSINT 30 2 ssh:bruteforce β€” 2026-05-08 18:03 evidence →
209.141.33.207 credential_harvester 35% 34 1 ssh:bruteforce β€” 2026-05-11 20:53 evidence →
198.98.50.7 credential_harvester 34% 1x OSINT 20 1 ssh:bruteforce β€” 2026-05-09 07:08 evidence →
198.98.52.145 credential_harvester 34% 1x OSINT 14 1 ssh:bruteforce β€” 2026-05-09 13:24 evidence →
209.141.40.68 reconnaissance 33% 1x OSINT 11 1 ssh:bruteforce β€” 2026-05-06 17:58 evidence →
205.185.117.128 credential_probe 29% 12 2 ssh:bruteforce β€” 2026-05-08 21:00 evidence →
107.189.3.72 credential_harvester 28% 14 1 ssh:bruteforce β€” 2026-05-09 00:26 evidence →
199.195.248.228 credential_harvester 25% 1x OSINT 14 1 ssh:bruteforce β€” 2026-05-05 02:05 evidence →
205.185.125.209 credential_probe 25% 1x OSINT 12 1 ssh:bruteforce β€” 2026-05-08 22:11 evidence →
199.195.251.168 credential_probe 19% 6 1 ssh:bruteforce β€” 2026-05-08 21:59 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds