← Back to feed

AS53667 FranTech Solutions

ASN Active medium
Why this campaign was detected
5 IPs from the same network (FranTech Solutions, AS53667) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS53667 · FranTech Solutions
Subnet
Country
πŸ‡ΊπŸ‡Έ US
Cloud Provider
Member Count
5 IPs
Below average
Total Events
3154
Below average by volume
Started / Ended
2026-02-16 19:17 — ongoing
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Credential Access
Discovery
Command and Control
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
209.141.47.217 credential_harvester 76% 1x OSINT 1614 3 ssh:bruteforce a 2026-07-13 15:23 evidence →
104.244.74.84 credential_harvester 72% 1x OSINT 1226 3 ssh:bruteforce β€” 2026-07-11 04:15 evidence →
199.195.251.168 credential_harvester 41% 90 2 ssh:bruteforce β€” 2026-07-15 22:37 evidence →
209.141.33.207 credential_harvester 33% 146 2 ssh:bruteforce β€” 2026-07-03 08:05 evidence →
199.195.252.227 reconnaissance 29% 64 1 ssh:bruteforce β€” 2026-07-11 17:26 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds