← Back to feed
AS402253 SKN Subnet & Telecom Ltd
ASN Active mediumWhy this campaign was detected
6 IPs from the same network (SKN Subnet & Telecom Ltd, AS402253) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS402253 · SKN Subnet & Telecom Ltd
Subnet
—
Country
🇨🇭 CH
Cloud Provider
—
Member Count
6 IPs
Below average
Total Events
4372
Below average by volume
Started / Ended
2026-04-21 14:35 — ongoing
Attack Types
MITRE ATT&CK Techniques
Discovery
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 209.99.184.143 | credential_harvester | 73% | DROP1x OSINT | 933 | 3 | ssh:bruteforce | — | 2026-06-07 18:15 | evidence → |
| 209.99.189.174 | credential_harvester | 71% | DROP1x OSINT | 976 | 3 | ssh:bruteforce | — | 2026-06-06 05:44 | evidence → |
| 209.99.191.19 | credential_harvester | 64% | DROP1x OSINT | 1061 | 2 | ssh:bruteforce | — | 2026-06-11 05:42 | evidence → |
| 209.99.189.177 | credential_harvester | 58% | DROP1x OSINT | 1397 | 2 | ssh:bruteforce | — | 2026-06-07 22:13 | evidence → |
| 209.99.188.121 | web_probe | 30% | DROP | 2 | 2 | http:scan | — | 2026-06-10 22:27 | evidence → |
| 209.99.186.68 | web_probe | 14% | DROP | 3 | 1 | http:scan | — | 2026-06-05 22:11 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds