← Back to feed
AS141679 China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch
ASN Active mediumWhy this campaign was detected
7 IPs from the same network (China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch, AS141679) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS141679 · China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
7 IPs
Below average
Total Events
167
Below average by volume
Started / Ended
2026-03-02 09:50 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 203.83.234.180 | scanner | 53% | 1x OSINT | 42 | 2 | ssh:bruteforce | — | 2026-05-17 04:56 | evidence → |
| 117.72.180.163 | credential_harvester | 40% | 1x OSINT | 9 | 1 | ssh:bruteforce | — | 2026-05-22 00:06 | evidence → |
| 111.228.58.144 | credential_harvester | 37% | 1x OSINT | 2 | 1 | ssh:bruteforce | — | 2026-04-30 21:01 | evidence → |
| 117.72.186.203 | reconnaissance | 37% | 10 | 1 | ssh:bruteforce | — | 2026-05-21 09:38 | evidence → | |
| 117.72.65.215 | scanner | 25% | 1x OSINT | 4 | 1 | ssh:bruteforce | — | 2026-05-21 23:41 | evidence → |
| 117.72.39.70 | scanner | 20% | 1x OSINT | 4 | 1 | ssh:bruteforce | — | 2026-05-17 17:28 | evidence → |
| 117.72.64.105 | scanner | 16% | 4 | 1 | ssh:bruteforce | — | 2026-05-18 05:03 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds