← Back to feed
AS134768 CHINANET SHAANXI province Cloud Base network
ASN Active mediumWhy this campaign was detected
5 IPs from the same network (CHINANET SHAANXI province Cloud Base network, AS134768) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS134768 · CHINANET SHAANXI province Cloud Base network
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
5 IPs
Below average
Total Events
304
Below average by volume
Started / Ended
2026-02-20 07:55 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 113.141.171.139 | scanner | 65% | 1x OSINT | 155 | 2 | ssh:bruteforce | — | 2026-07-17 04:01 | evidence → |
| 117.34.125.173 | scanner | 53% | 1x OSINT | 127 | 2 | ssh:bruteforce | — | 2026-07-08 07:39 | evidence → |
| 103.236.96.84 | reconnaissance | 35% | 20 | 2 | ssh:bruteforce | — | 2026-07-04 19:30 | evidence → | |
| 117.34.85.168 | scanner | 29% | 1x OSINT | 12 | 2 | ssh:bruteforce | — | 2026-07-11 03:38 | evidence → |
| 113.142.162.15 | scanner | 16% | 1x OSINT | 2 | 1 | ssh:bruteforce | — | 2026-07-09 13:11 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds