← Back to feed
Subnet 147.185.132.0/24
SUBNET Active highWhy this campaign was detected
22 IPs from the same /24 subnet (147.185.132.0/24) were observed attacking our sensors within the same time window. All belong to Google LLC (AS396982). Concentrated activity from adjacent IPs is a strong indicator of a single operator or coordinated botnet.
Primary ASN
AS396982 · Google LLC
Subnet
147.185.132.0/24
Country
πΊπΈ US
Cloud Provider
—
Member Count
22 IPs
Below average
Total Events
348
Below average by volume
Started / Ended
2026-02-16 19:56 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Discovery
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 147.185.132.120 | scanner | 64% | 1x OSINT | 37 | 3 | http:scanssh:bruteforce | β | 2026-07-15 22:59 | evidence → |
| 147.185.132.100 | scanner | 62% | 1x OSINT | 20 | 3 | http:scanssh:bruteforce | β | 2026-07-15 15:35 | evidence → |
| 147.185.132.91 | scanner | 60% | 1x OSINT | 12 | 3 | http:scanssh:bruteforce | β | 2026-07-15 02:37 | evidence → |
| 147.185.132.42 | scanner | 60% | 1x OSINT | 8 | 3 | http:scanssh:bruteforce | β | 2026-07-15 04:48 | evidence → |
| 147.185.132.237 | scanner | 58% | 17 | 3 | http:scanssh:bruteforce | β | 2026-07-15 22:41 | evidence → | |
| 147.185.132.168 | scanner | 57% | 1x OSINT | 11 | 3 | http:scanssh:bruteforce | β | 2026-07-13 10:07 | evidence → |
| 147.185.132.48 | scanner | 55% | 1x OSINT | 27 | 3 | http:scanssh:bruteforce | β | 2026-07-11 16:21 | evidence → |
| 147.185.132.114 | scanner | 55% | 1x OSINT | 30 | 3 | http:scanssh:bruteforce | β | 2026-07-11 10:57 | evidence → |
| 147.185.132.16 | scanner | 55% | 13 | 3 | http:scanssh:bruteforce | β | 2026-07-14 16:05 | evidence → | |
| 147.185.132.109 | scanner | 55% | 1x OSINT | 19 | 3 | http:scanssh:bruteforce | β | 2026-07-11 16:40 | evidence → |
| 147.185.132.79 | scanner | 53% | 1x OSINT | 13 | 3 | http:scanssh:bruteforce | β | 2026-07-11 03:24 | evidence → |
| 147.185.132.18 | scanner | 43% | 1x OSINT | 9 | 2 | http:scanssh:bruteforce | β | 2026-07-13 19:05 | evidence → |
| 147.185.132.31 | scanner | 39% | 1x OSINT | 15 | 2 | http:scanssh:bruteforce | β | 2026-07-11 16:14 | evidence → |
| 147.185.132.222 | scanner | 37% | 1x OSINT | 16 | 2 | ssh:bruteforce | β | 2026-07-15 20:13 | evidence → |
| 147.185.132.252 | scanner | 34% | 1x OSINT | 12 | 2 | ssh:bruteforce | β | 2026-07-14 16:56 | evidence → |
| 147.185.132.12 | web_probe | 32% | 1x OSINT | 2 | 2 | http:scan | β | 2026-07-13 09:15 | evidence → |
| 147.185.132.0 | web_probe | 25% | 16 | 1 | http:scan | β | 2026-07-15 08:17 | evidence → | |
| 147.185.132.6 | web_probe | 23% | 15 | 1 | http:scan | β | 2026-07-14 18:26 | evidence → | |
| 147.185.132.1 | web_probe | 22% | 14 | 1 | http:scan | β | 2026-07-14 00:37 | evidence → | |
| 147.185.132.4 | web_probe | 21% | 13 | 1 | http:scan | β | 2026-07-13 10:15 | evidence → | |
| 147.185.132.3 | web_probe | 20% | 15 | 1 | http:scan | β | 2026-07-13 02:37 | evidence → | |
| 147.185.132.2 | web_probe | 19% | 14 | 1 | http:scan | β | 2026-07-12 09:17 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds