← Back to feed
Subnet 198.235.24.0/24
SUBNET Active highWhy this campaign was detected
38 IPs from the same /24 subnet (198.235.24.0/24) were observed attacking our sensors within the same time window. All belong to Google LLC (AS396982). Concentrated activity from adjacent IPs is a strong indicator of a single operator or coordinated botnet.
Primary ASN
AS396982 · Google LLC
Subnet
198.235.24.0/24
Country
πΊπΈ US
Cloud Provider
—
Member Count
38 IPs
Below average
Total Events
518
Below average by volume
Started / Ended
2026-02-18 04:44 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Discovery
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 198.235.24.236 | scanner | 67% | 1x OSINT | 26 | 3 | http:scanssh:bruteforce | β | 2026-07-17 21:59 | evidence → |
| 198.235.24.200 | scanner | 66% | 1x OSINT | 17 | 3 | http:scanssh:bruteforce | β | 2026-07-17 10:55 | evidence → |
| 198.235.24.93 | scanner | 65% | 1x OSINT | 17 | 3 | http:scanssh:bruteforce | β | 2026-07-17 04:39 | evidence → |
| 198.235.24.58 | scanner | 63% | 1x OSINT | 22 | 3 | http:scanssh:bruteforce | β | 2026-07-15 16:31 | evidence → |
| 198.235.24.40 | scanner | 62% | 1x OSINT | 17 | 3 | http:scanssh:bruteforce | β | 2026-07-15 10:07 | evidence → |
| 198.235.24.134 | scanner | 61% | 1x OSINT | 9 | 3 | http:scanssh:bruteforce | β | 2026-07-15 17:03 | evidence → |
| 198.235.24.72 | scanner | 60% | 1x OSINT | 15 | 3 | http:scanssh:bruteforce | β | 2026-07-14 18:21 | evidence → |
| 198.235.24.14 | scanner | 60% | 1x OSINT | 14 | 3 | http:scanssh:bruteforce | β | 2026-07-14 18:20 | evidence → |
| 198.235.24.76 | scanner | 60% | 1x OSINT | 11 | 3 | http:scanssh:bruteforce | β | 2026-07-14 17:07 | evidence → |
| 198.235.24.83 | scanner | 59% | 1x OSINT | 18 | 3 | http:scanssh:bruteforce | β | 2026-07-13 17:23 | evidence → |
| 198.235.24.241 | scanner | 59% | 1x OSINT | 17 | 3 | http:scanssh:bruteforce | β | 2026-07-13 16:37 | evidence → |
| 198.235.24.230 | scanner | 57% | 1x OSINT | 7 | 3 | http:scanssh:bruteforce | β | 2026-07-13 16:22 | evidence → |
| 198.235.24.228 | scanner | 54% | 1x OSINT | 11 | 3 | http:scanssh:bruteforce | β | 2026-07-11 18:24 | evidence → |
| 198.235.24.27 | scanner | 50% | 1x OSINT | 10 | 2 | http:scanssh:bruteforce | β | 2026-07-17 17:02 | evidence → |
| 198.235.24.155 | scanner | 50% | 1x OSINT | 14 | 2 | http:scanssh:bruteforce | β | 2026-07-17 04:12 | evidence → |
| 198.235.24.206 | scanner | 47% | 1x OSINT | 20 | 2 | http:scanssh:bruteforce | β | 2026-07-15 10:30 | evidence → |
| 198.235.24.234 | scanner | 46% | 1x OSINT | 18 | 2 | http:scanssh:bruteforce | β | 2026-07-14 21:11 | evidence → |
| 198.235.24.88 | web_probe | 45% | 1x OSINT | 10 | 2 | http:scanssh:bruteforce | β | 2026-07-15 03:15 | evidence → |
| 198.235.24.112 | scanner | 45% | 1x OSINT | 18 | 2 | http:scanssh:bruteforce | β | 2026-07-14 10:21 | evidence → |
| 198.235.24.45 | scanner | 44% | 1x OSINT | 19 | 2 | http:scanssh:bruteforce | β | 2026-07-13 22:38 | evidence → |
| 198.235.24.202 | scanner | 44% | 1x OSINT | 20 | 3 | ssh:bruteforce | β | 2026-07-11 10:36 | evidence → |
| 198.235.24.177 | web_probe | 43% | 1x OSINT | 5 | 2 | http:scanssh:bruteforce | β | 2026-07-14 12:44 | evidence → |
| 198.235.24.60 | web_probe | 43% | 1x OSINT | 6 | 2 | http:scanssh:bruteforce | β | 2026-07-13 22:51 | evidence → |
| 198.235.24.37 | scanner | 42% | 1x OSINT | 30 | 2 | http:scanssh:bruteforce | β | 2026-07-12 08:11 | evidence → |
| 198.235.24.74 | scanner | 42% | 1x OSINT | 7 | 2 | http:scanssh:bruteforce | β | 2026-07-13 06:56 | evidence → |
| 198.235.24.68 | scanner | 40% | 1x OSINT | 11 | 2 | http:scanssh:bruteforce | β | 2026-07-13 10:22 | evidence → |
| 198.235.24.143 | scanner | 40% | 1x OSINT | 8 | 2 | ssh:bruteforce | β | 2026-07-17 22:32 | evidence → |
| 198.235.24.142 | scanner | 38% | 1x OSINT | 14 | 2 | http:scanssh:bruteforce | β | 2026-07-11 00:20 | evidence → |
| 198.235.24.99 | scanner | 37% | 1x OSINT | 18 | 2 | ssh:bruteforce | β | 2026-07-15 22:07 | evidence → |
| 198.235.24.195 | scanner | 37% | 1x OSINT | 16 | 2 | ssh:bruteforce | β | 2026-07-15 22:21 | evidence → |
| 198.235.24.30 | web_probe | 37% | 1x OSINT | 5 | 2 | http:scanssh:bruteforce | β | 2026-07-11 00:20 | evidence → |
| 198.235.24.180 | web_probe | 34% | 1x OSINT | 2 | 2 | http:scan | β | 2026-07-14 14:58 | evidence → |
| 198.235.24.237 | scanner | 33% | 2x OSINT | 8 | 2 | ssh:bruteforce | β | 2026-07-12 02:16 | evidence → |
| 198.235.24.186 | scanner | 32% | 1x OSINT | 14 | 2 | ssh:bruteforce | β | 2026-07-13 05:01 | evidence → |
| 198.235.24.52 | scanner | 30% | 1x OSINT | 18 | 2 | ssh:bruteforce | β | 2026-07-11 17:01 | evidence → |
| 198.235.24.160 | web_probe | 27% | 10 | 1 | http:scan | β | 2026-07-17 02:13 | evidence → | |
| 198.235.24.15 | scanner | 22% | 1x OSINT | 4 | 1 | ssh:bruteforce | β | 2026-07-13 16:16 | evidence → |
| 198.235.24.4 | web_probe | 18% | 12 | 1 | http:scan | β | 2026-07-12 00:37 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds