← Back to feed

AS4134 Chinanet

ASN Active medium
Why this campaign was detected
61 IPs from the same network (Chinanet, AS4134) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS4134 · Chinanet
Subnet
Country
🇨🇳 CN
Cloud Provider
Member Count
61 IPs
Average
Total Events
6583
Below average by volume
Started / Ended
2026-02-18 18:12 — ongoing
Attack Types
ftp:bruteforce ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Credential Access
Discovery
Command and Control
Exfiltration
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
121.14.34.219 credential_harvester 77% 1x OSINT 134 3 ssh:bruteforce 2026-07-15 22:11 evidence →
180.106.83.59 scanner 65% 1x OSINT 91 2 ssh:bruteforce 2026-07-17 19:50 evidence →
58.221.60.25 scanner 65% 1x OSINT 175 2 ssh:bruteforce 2026-07-17 02:49 evidence →
121.227.152.250 credential_harvester 64% 1x OSINT 339 2 ssh:bruteforce 2026-07-15 20:22 evidence →
58.210.182.18 scanner 63% 1x OSINT 47 3 ssh:bruteforce 2026-07-14 13:58 evidence →
14.116.189.74 scanner 61% 1x OSINT 452 2 ssh:bruteforce 2026-07-14 04:17 evidence →
121.227.152.171 scanner 61% 1x OSINT 198 2 ssh:bruteforce 2026-07-14 17:49 evidence →
121.229.25.10 scanner 59% 106 2 ssh:bruteforce 2026-07-17 07:08 evidence →
117.62.22.127 scanner 56% 1x OSINT 311 2 ssh:bruteforce 2026-07-11 19:42 evidence →
221.229.218.50 scanner 55% 264 2 ssh:bruteforce 2026-07-14 05:50 evidence →
49.64.169.153 credential_harvester 53% 933 2 ssh:bruteforce 2026-07-11 17:18 evidence →
27.128.240.75 scanner 52% 71 2 ssh:bruteforce 2026-07-13 19:34 evidence →
118.182.166.128 data_exfiltrator 50% 15 2 ssh:bruteforce 2026-07-15 02:55 evidence →
222.91.124.34 data_exfiltrator 49% 12 2 ssh:bruteforce 2026-07-15 05:43 evidence →
106.44.6.214 malware_dropper 49% 53 1 ssh:bruteforce 2026-07-16 05:01 evidence →
180.101.149.231 scanner 47% 24 2 ssh:bruteforce 2026-07-17 05:09 evidence →
183.6.142.31 opportunistic_bruter 45% 240 2 ssh:bruteforce 2026-07-15 16:27 evidence →
122.226.145.190 opportunistic_bruter 45% 200 2 ssh:bruteforce 2026-07-15 16:17 evidence →
222.174.17.118 opportunistic_bruter 44% 119 2 ssh:bruteforce 2026-07-15 16:39 evidence →
58.42.84.13 opportunistic_bruter 44% 120 2 ssh:bruteforce 2026-07-15 16:04 evidence →
175.4.130.152 opportunistic_bruter 44% 95 2 ssh:bruteforce 2026-07-15 16:00 evidence →
124.117.228.98 reconnaissance 43% 24 2 ssh:bruteforce 2026-07-15 05:10 evidence →
182.45.197.14 opportunistic_bruter 42% 50 2 ssh:bruteforce 2026-07-15 07:12 evidence →
222.223.177.118 scanner 42% 20 2 ssh:bruteforce 2026-07-14 16:59 evidence →
183.129.148.70 ftp_bruter 42% 1x OSINT 1858 2 ftp:bruteforce 2026-07-13 20:34 evidence →
115.236.186.134 opportunistic_bruter 41% 39 2 ssh:bruteforce 2026-07-15 06:10 evidence →
14.153.216.74 opportunistic_bruter 41% 30 2 ssh:bruteforce 2026-07-15 11:35 evidence →
60.174.205.133 malware_dropper 41% 1x OSINT 13 1 ssh:bruteforce 2026-07-11 09:16 evidence →
106.81.33.108 opportunistic_bruter 40% 60 2 ssh:bruteforce 2026-07-14 07:26 evidence →
182.37.52.234 opportunistic_bruter 40% 60 2 ssh:bruteforce 2026-07-14 06:57 evidence →
218.13.43.88 opportunistic_bruter 40% 20 2 ssh:bruteforce 2026-07-15 02:14 evidence →
61.174.209.6 opportunistic_bruter 39% 20 2 ssh:bruteforce 2026-07-14 17:24 evidence →
125.93.252.89 reconnaissance 39% 1x OSINT 19 1 ssh:bruteforce 2026-07-15 14:53 evidence →
27.17.30.150 reconnaissance 36% 1x OSINT 8 1 ssh:bruteforce 2026-07-14 17:41 evidence →
222.173.95.86 scanner 33% 51 2 ssh:bruteforce 2026-07-15 03:17 evidence →
60.190.17.170 scanner 32% 20 2 ssh:bruteforce 2026-07-15 17:28 evidence →
114.220.238.21 reconnaissance 32% 13 1 ssh:bruteforce 2026-07-14 19:16 evidence →
183.144.224.117 opportunistic_bruter 32% 20 1 ssh:bruteforce 2026-07-15 11:02 evidence →
58.56.204.118 scanner 32% 10 2 ssh:bruteforce 2026-07-15 21:44 evidence →
14.29.215.35 scanner 32% 12 2 ssh:bruteforce 2026-07-15 17:28 evidence →
60.190.30.154 scanner 31% 16 2 ssh:bruteforce 2026-07-15 08:43 evidence →
222.215.99.88 opportunistic_bruter 31% 10 1 ssh:bruteforce 2026-07-15 16:23 evidence →
221.234.36.123 reconnaissance 31% 1x OSINT 8 1 ssh:bruteforce 2026-07-11 20:13 evidence →
114.217.10.60 credential_probe 31% 1x OSINT 46 2 ssh:bruteforce 2026-07-12 02:48 evidence →
220.176.247.166 opportunistic_bruter 31% 20 1 ssh:bruteforce 2026-07-14 20:49 evidence →
222.186.57.88 scanner 31% 12 2 ssh:bruteforce 2026-07-15 03:59 evidence →
222.74.219.131 scanner 30% 16 2 ssh:bruteforce 2026-07-14 19:43 evidence →
117.62.245.177 opportunistic_bruter 29% 20 1 ssh:bruteforce 2026-07-14 06:47 evidence →
14.29.248.43 scanner 29% 1x OSINT 7 1 ssh:bruteforce 2026-07-17 03:02 evidence →
171.15.52.193 scanner 29% 1x OSINT 4 1 ssh:bruteforce 2026-07-16 12:05 evidence →
60.170.122.58 opportunistic_bruter 28% 10 1 ssh:bruteforce 2026-07-14 07:20 evidence →
144.123.118.22 opportunistic_bruter 28% 10 1 ssh:bruteforce 2026-07-13 22:27 evidence →
121.229.9.97 scanner 26% 1x OSINT 28 1 ssh:bruteforce 2026-07-14 02:59 evidence →
124.31.106.235 scanner 23% 2 1 ssh:bruteforce 2026-07-17 07:37 evidence →
117.81.233.214 scanner 21% 8 1 ssh:bruteforce 2026-07-15 02:38 evidence →
27.128.202.176 scanner 20% 8 1 ssh:bruteforce 2026-07-14 18:00 evidence →
58.218.110.34 scanner 15% 2 1 ssh:bruteforce 2026-07-13 04:25 evidence →
119.145.5.194 scanner 14% 2 1 ssh:bruteforce 2026-07-12 07:16 evidence →
58.57.170.206 scanner 13% 4 1 ssh:bruteforce 2026-07-11 16:13 evidence →
1.83.125.63 scanner 13% 2 1 ssh:bruteforce 2026-07-11 23:14 evidence →
124.117.195.54 scanner 12% 2 1 ssh:bruteforce 2026-07-11 10:20 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds