← Back to feed
AS134768 CHINANET SHAANXI province Cloud Base network
ASN Active mediumWhy this campaign was detected
5 IPs from the same network (CHINANET SHAANXI province Cloud Base network, AS134768) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS134768 · CHINANET SHAANXI province Cloud Base network
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
5 IPs
Below average
Total Events
507
Below average by volume
Started / Ended
2026-02-20 07:55 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 113.137.40.250 | scanner | 61% | 1x OSINT | 144 | 2 | ssh:bruteforce | — | 2026-05-29 10:49 | evidence → |
| 36.41.173.197 | scanner | 53% | 1x OSINT | 151 | 2 | ssh:bruteforce | — | 2026-05-24 18:50 | evidence → |
| 113.141.171.139 | scanner | 53% | 1x OSINT | 140 | 2 | ssh:bruteforce | — | 2026-05-24 10:22 | evidence → |
| 117.33.242.180 | scanner | 42% | 1x OSINT | 41 | 1 | ssh:bruteforce | — | 2026-05-25 14:33 | evidence → |
| 113.141.70.213 | credential_probe | 19% | 1x OSINT | 31 | 1 | ssh:bruteforce | — | 2026-05-24 12:00 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds