← Back to feed
AS402253 SKN Subnet & Telecom Ltd
ASN Active mediumWhy this campaign was detected
7 IPs from the same network (SKN Subnet & Telecom Ltd, AS402253) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS402253 · SKN Subnet & Telecom Ltd
Subnet
—
Country
🇨🇭 CH
Cloud Provider
—
Member Count
7 IPs
Below average
Total Events
1096
Below average by volume
Started / Ended
2026-04-21 14:35 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Discovery
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 209.99.186.163 | credential_harvester | 67% | 1x OSINT | 292 | 2 | ssh:bruteforce | — | 2026-04-26 20:50 | evidence → |
| 209.99.190.113 | credential_harvester | 53% | 1x OSINT | 225 | 1 | ssh:bruteforce | — | 2026-04-24 08:26 | evidence → |
| 209.99.189.177 | credential_harvester | 52% | 1x OSINT | 225 | 1 | ssh:bruteforce | — | 2026-04-24 00:06 | evidence → |
| 209.99.185.195 | credential_harvester | 50% | 1x OSINT | 310 | 1 | ssh:bruteforce | — | 2026-04-22 10:12 | evidence → |
| 209.99.190.200 | malware_dropper | 49% | 1x OSINT | 23 | 1 | ssh:bruteforce | — | 2026-04-24 06:53 | evidence → |
| 209.99.188.240 | credential_probe | 30% | 1x OSINT | 15 | 1 | ssh:bruteforce | — | 2026-04-26 17:56 | evidence → |
| 209.99.184.125 | scanner | 19% | 6 | 1 | ssh:bruteforce | — | 2026-04-23 04:54 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds