← Back to feed

AS134768 CHINANET SHAANXI province Cloud Base network

ASN Active medium
Why this campaign was detected
5 IPs from the same network (CHINANET SHAANXI province Cloud Base network, AS134768) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS134768 · CHINANET SHAANXI province Cloud Base network
Subnet
Country
🇨🇳 CN
Cloud Provider
Member Count
5 IPs
Below average
Total Events
304
Below average by volume
Started / Ended
2026-02-20 07:55 — ongoing
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Credential Access
Discovery
Command and Control
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
113.141.171.139 scanner 65% 1x OSINT 155 2 ssh:bruteforce 2026-07-17 04:01 evidence →
117.34.125.173 scanner 53% 1x OSINT 127 2 ssh:bruteforce 2026-07-08 07:39 evidence →
103.236.96.84 reconnaissance 35% 20 2 ssh:bruteforce 2026-07-04 19:30 evidence →
117.34.85.168 scanner 29% 1x OSINT 12 2 ssh:bruteforce 2026-07-11 03:38 evidence →
113.142.162.15 scanner 16% 1x OSINT 2 1 ssh:bruteforce 2026-07-09 13:11 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds