← Back to feed

AS4808 China Unicom Beijing Province Network

ASN Active medium
Why this campaign was detected
7 IPs from the same network (China Unicom Beijing Province Network, AS4808) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS4808 · China Unicom Beijing Province Network
Subnet
Country
🇨🇳 CN
Cloud Provider
Member Count
7 IPs
Below average
Total Events
217
Below average by volume
Started / Ended
2026-02-19 11:36 — ongoing
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Credential Access
Discovery
Command and Control
Member Actors
IP Address Behavior Confidence Flags Events Agents Attack Types Hostname Last Seen
117.50.70.169 scanner 61% 1x OSINT 78 2 ssh:bruteforce 2026-07-15 14:38 evidence →
111.203.166.201 opportunistic_bruter 43% 50 2 ssh:bruteforce 2026-07-15 16:48 evidence →
111.200.217.179 opportunistic_bruter 42% 40 2 ssh:bruteforce 2026-07-15 15:37 evidence →
106.75.88.37 scanner 33% 20 1 ssh:bruteforce 2026-07-14 17:50 evidence →
114.115.207.31 scanner 32% 20 2 ssh:bruteforce 2026-07-15 10:15 evidence →
106.75.16.170 scanner 26% 1x OSINT 6 1 ssh:bruteforce 2026-07-15 09:15 evidence →
117.50.130.159 scanner 13% 3 1 ssh:bruteforce 2026-07-11 21:40 evidence →
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds