← Back to feed
AS4134 Chinanet
ASN Active mediumWhy this campaign was detected
61 IPs from the same network (Chinanet, AS4134) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS4134 · Chinanet
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
61 IPs
Average
Total Events
6583
Below average by volume
Started / Ended
2026-02-18 18:12 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Exfiltration
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 121.14.34.219 | credential_harvester | 77% | 1x OSINT | 134 | 3 | ssh:bruteforce | — | 2026-07-15 22:11 | evidence → |
| 180.106.83.59 | scanner | 65% | 1x OSINT | 91 | 2 | ssh:bruteforce | — | 2026-07-17 19:50 | evidence → |
| 58.221.60.25 | scanner | 65% | 1x OSINT | 175 | 2 | ssh:bruteforce | — | 2026-07-17 02:49 | evidence → |
| 121.227.152.250 | credential_harvester | 64% | 1x OSINT | 339 | 2 | ssh:bruteforce | — | 2026-07-15 20:22 | evidence → |
| 58.210.182.18 | scanner | 63% | 1x OSINT | 47 | 3 | ssh:bruteforce | — | 2026-07-14 13:58 | evidence → |
| 14.116.189.74 | scanner | 61% | 1x OSINT | 452 | 2 | ssh:bruteforce | — | 2026-07-14 04:17 | evidence → |
| 121.227.152.171 | scanner | 61% | 1x OSINT | 198 | 2 | ssh:bruteforce | — | 2026-07-14 17:49 | evidence → |
| 121.229.25.10 | scanner | 59% | 106 | 2 | ssh:bruteforce | — | 2026-07-17 07:08 | evidence → | |
| 117.62.22.127 | scanner | 56% | 1x OSINT | 311 | 2 | ssh:bruteforce | — | 2026-07-11 19:42 | evidence → |
| 221.229.218.50 | scanner | 55% | 264 | 2 | ssh:bruteforce | — | 2026-07-14 05:50 | evidence → | |
| 49.64.169.153 | credential_harvester | 53% | 933 | 2 | ssh:bruteforce | — | 2026-07-11 17:18 | evidence → | |
| 27.128.240.75 | scanner | 52% | 71 | 2 | ssh:bruteforce | — | 2026-07-13 19:34 | evidence → | |
| 118.182.166.128 | data_exfiltrator | 50% | 15 | 2 | ssh:bruteforce | — | 2026-07-15 02:55 | evidence → | |
| 222.91.124.34 | data_exfiltrator | 49% | 12 | 2 | ssh:bruteforce | — | 2026-07-15 05:43 | evidence → | |
| 106.44.6.214 | malware_dropper | 49% | 53 | 1 | ssh:bruteforce | — | 2026-07-16 05:01 | evidence → | |
| 180.101.149.231 | scanner | 47% | 24 | 2 | ssh:bruteforce | — | 2026-07-17 05:09 | evidence → | |
| 183.6.142.31 | opportunistic_bruter | 45% | 240 | 2 | ssh:bruteforce | — | 2026-07-15 16:27 | evidence → | |
| 122.226.145.190 | opportunistic_bruter | 45% | 200 | 2 | ssh:bruteforce | — | 2026-07-15 16:17 | evidence → | |
| 222.174.17.118 | opportunistic_bruter | 44% | 119 | 2 | ssh:bruteforce | — | 2026-07-15 16:39 | evidence → | |
| 58.42.84.13 | opportunistic_bruter | 44% | 120 | 2 | ssh:bruteforce | — | 2026-07-15 16:04 | evidence → | |
| 175.4.130.152 | opportunistic_bruter | 44% | 95 | 2 | ssh:bruteforce | — | 2026-07-15 16:00 | evidence → | |
| 124.117.228.98 | reconnaissance | 43% | 24 | 2 | ssh:bruteforce | — | 2026-07-15 05:10 | evidence → | |
| 182.45.197.14 | opportunistic_bruter | 42% | 50 | 2 | ssh:bruteforce | — | 2026-07-15 07:12 | evidence → | |
| 222.223.177.118 | scanner | 42% | 20 | 2 | ssh:bruteforce | — | 2026-07-14 16:59 | evidence → | |
| 183.129.148.70 | ftp_bruter | 42% | 1x OSINT | 1858 | 2 | ftp:bruteforce | — | 2026-07-13 20:34 | evidence → |
| 115.236.186.134 | opportunistic_bruter | 41% | 39 | 2 | ssh:bruteforce | — | 2026-07-15 06:10 | evidence → | |
| 14.153.216.74 | opportunistic_bruter | 41% | 30 | 2 | ssh:bruteforce | — | 2026-07-15 11:35 | evidence → | |
| 60.174.205.133 | malware_dropper | 41% | 1x OSINT | 13 | 1 | ssh:bruteforce | — | 2026-07-11 09:16 | evidence → |
| 106.81.33.108 | opportunistic_bruter | 40% | 60 | 2 | ssh:bruteforce | — | 2026-07-14 07:26 | evidence → | |
| 182.37.52.234 | opportunistic_bruter | 40% | 60 | 2 | ssh:bruteforce | — | 2026-07-14 06:57 | evidence → | |
| 218.13.43.88 | opportunistic_bruter | 40% | 20 | 2 | ssh:bruteforce | — | 2026-07-15 02:14 | evidence → | |
| 61.174.209.6 | opportunistic_bruter | 39% | 20 | 2 | ssh:bruteforce | — | 2026-07-14 17:24 | evidence → | |
| 125.93.252.89 | reconnaissance | 39% | 1x OSINT | 19 | 1 | ssh:bruteforce | — | 2026-07-15 14:53 | evidence → |
| 27.17.30.150 | reconnaissance | 36% | 1x OSINT | 8 | 1 | ssh:bruteforce | — | 2026-07-14 17:41 | evidence → |
| 222.173.95.86 | scanner | 33% | 51 | 2 | ssh:bruteforce | — | 2026-07-15 03:17 | evidence → | |
| 60.190.17.170 | scanner | 32% | 20 | 2 | ssh:bruteforce | — | 2026-07-15 17:28 | evidence → | |
| 114.220.238.21 | reconnaissance | 32% | 13 | 1 | ssh:bruteforce | — | 2026-07-14 19:16 | evidence → | |
| 183.144.224.117 | opportunistic_bruter | 32% | 20 | 1 | ssh:bruteforce | — | 2026-07-15 11:02 | evidence → | |
| 58.56.204.118 | scanner | 32% | 10 | 2 | ssh:bruteforce | — | 2026-07-15 21:44 | evidence → | |
| 14.29.215.35 | scanner | 32% | 12 | 2 | ssh:bruteforce | — | 2026-07-15 17:28 | evidence → | |
| 60.190.30.154 | scanner | 31% | 16 | 2 | ssh:bruteforce | — | 2026-07-15 08:43 | evidence → | |
| 222.215.99.88 | opportunistic_bruter | 31% | 10 | 1 | ssh:bruteforce | — | 2026-07-15 16:23 | evidence → | |
| 221.234.36.123 | reconnaissance | 31% | 1x OSINT | 8 | 1 | ssh:bruteforce | — | 2026-07-11 20:13 | evidence → |
| 114.217.10.60 | credential_probe | 31% | 1x OSINT | 46 | 2 | ssh:bruteforce | — | 2026-07-12 02:48 | evidence → |
| 220.176.247.166 | opportunistic_bruter | 31% | 20 | 1 | ssh:bruteforce | — | 2026-07-14 20:49 | evidence → | |
| 222.186.57.88 | scanner | 31% | 12 | 2 | ssh:bruteforce | — | 2026-07-15 03:59 | evidence → | |
| 222.74.219.131 | scanner | 30% | 16 | 2 | ssh:bruteforce | — | 2026-07-14 19:43 | evidence → | |
| 117.62.245.177 | opportunistic_bruter | 29% | 20 | 1 | ssh:bruteforce | — | 2026-07-14 06:47 | evidence → | |
| 14.29.248.43 | scanner | 29% | 1x OSINT | 7 | 1 | ssh:bruteforce | — | 2026-07-17 03:02 | evidence → |
| 171.15.52.193 | scanner | 29% | 1x OSINT | 4 | 1 | ssh:bruteforce | — | 2026-07-16 12:05 | evidence → |
| 60.170.122.58 | opportunistic_bruter | 28% | 10 | 1 | ssh:bruteforce | — | 2026-07-14 07:20 | evidence → | |
| 144.123.118.22 | opportunistic_bruter | 28% | 10 | 1 | ssh:bruteforce | — | 2026-07-13 22:27 | evidence → | |
| 121.229.9.97 | scanner | 26% | 1x OSINT | 28 | 1 | ssh:bruteforce | — | 2026-07-14 02:59 | evidence → |
| 124.31.106.235 | scanner | 23% | 2 | 1 | ssh:bruteforce | — | 2026-07-17 07:37 | evidence → | |
| 117.81.233.214 | scanner | 21% | 8 | 1 | ssh:bruteforce | — | 2026-07-15 02:38 | evidence → | |
| 27.128.202.176 | scanner | 20% | 8 | 1 | ssh:bruteforce | — | 2026-07-14 18:00 | evidence → | |
| 58.218.110.34 | scanner | 15% | 2 | 1 | ssh:bruteforce | — | 2026-07-13 04:25 | evidence → | |
| 119.145.5.194 | scanner | 14% | 2 | 1 | ssh:bruteforce | — | 2026-07-12 07:16 | evidence → | |
| 58.57.170.206 | scanner | 13% | 4 | 1 | ssh:bruteforce | — | 2026-07-11 16:13 | evidence → | |
| 1.83.125.63 | scanner | 13% | 2 | 1 | ssh:bruteforce | — | 2026-07-11 23:14 | evidence → | |
| 124.117.195.54 | scanner | 12% | 2 | 1 | ssh:bruteforce | — | 2026-07-11 10:20 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds