I am confident that if anyone watches activity to their public facing web servers, they will see many requests from China. I see 50+ http & https hits every hour to my web servers from China.
Does not appear to be any successful login occurring. Can someone offer suggestions of what might be happening?
Would it be Reconnaissance and then eventually human intervention will try to break in?