Report for IP: 113.88.169.1

Threat LevelMEDIUM36/1001 rule type
1 incident on record · last seen 1d ago
PTR N/A
Org / ASN Chinanet GD
Country 🇨🇳 China
City Shenzhen, Guangdong
Timezone Asia/Shanghai
Botnet InfrastructureChinaNet (AS4134, China Telecom)
ChinaNet (AS4134) is one of the highest-volume attack-originating ASNs globally, consistently ranking in SANS/DShield top-10 attacker lists. Activity ranges from compromised consumer endpoints to dedicated scan infrastructure. SSH brute-force from this network targets common username dictionaries at scale — automated, persistent credential-harvesting botnet behavior.

Attack Analysis

🇨🇳 China · Shenzhen · 4134 · Chinanet GD
WordPress XML-RPC Abuse
This IP targeted xmlrpc.php, a legacy WordPress endpoint that has been abused for brute-force authentication attacks, credential stuffing, and DDoS amplification. Any direct access to xmlrpc.php is an attack or reconnaissance attempt; modern WordPress sites should disable it entirely.

Reports (1)

Date Severity Description
12 Jun 2026 - 10:52 high Web: xmlrpc.php accessed
Part of EagleEye Intelligence