← Back to feed
AS4808 China Unicom Beijing Province Network
ASN Active mediumWhy this campaign was detected
7 IPs from the same network (China Unicom Beijing Province Network, AS4808) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS4808 · China Unicom Beijing Province Network
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
7 IPs
Below average
Total Events
680
Below average by volume
Started / Ended
2026-02-19 11:36 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 117.50.51.198 | scanner | 58% | 1x OSINT | 323 | 2 | ssh:bruteforce | — | 2026-05-16 01:32 | evidence → |
| 117.50.70.125 | credential_harvester | 58% | 1x OSINT | 228 | 2 | ssh:bruteforce | — | 2026-05-16 06:11 | evidence → |
| 114.242.24.31 | scanner | 53% | 1x OSINT | 67 | 2 | ssh:bruteforce | — | 2026-05-14 16:08 | evidence → |
| 117.50.152.101 | scanner | 52% | 1x OSINT | 14 | 2 | ssh:bruteforce | — | 2026-05-20 21:03 | evidence → |
| 106.75.88.44 | scanner | 49% | 1x OSINT | 27 | 2 | ssh:bruteforce | — | 2026-05-18 16:13 | evidence → |
| 117.50.138.166 | opportunistic_bruter | 48% | 1x OSINT | 15 | 2 | ssh:bruteforce | — | 2026-05-20 03:22 | evidence → |
| 114.248.14.131 | opportunistic_bruter | 24% | 6 | 1 | ssh:bruteforce | — | 2026-05-15 14:15 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds