Say hello to North Korea’s 3rd internet uplink! The North Korean autonomous system AS131279 just got a new uplink to AS133073 Teleglobal Communication Services Limited – which is assigned to Hong Kong, according to APNIC. According to our information, it went live a few days ago on April 3, 2019 at 16:00 UTC.
North Korea currently has 2 existing uplinks, one via China (AS4837 China Unicom Backbone) and another via Russia (AS20485 Closed Joint Stock Company TransTeleCom). This third new uplink gives them more flexibility, redundancy, and resistance against attacks such as DDoS.
Where is this uplink physically connected? We don’t know and can only speculate (or ask Teleglobal). Just because the new uplink is registered to Hong Kong (in the who-is data), does not mean that the physical connection goes there; it is possible that the physical cable is placed somewhere near the Shenyang/Liaoning region.
What does this mean for the North Koreans? For those 0.1% (including foreigners) that have access to the internet, it most likely means better internet. More uplinks allows North Korea to handle more traffic and redirect traffic to different routes in case one fails.
https://bgp.he.net/AS131279#_peers shows the 3 peers (uplinks):
Teleglobal’s website is http://www.kf-idc.com/. Below is the who-is data of AS133073 which lists their contact information:
descr: TELEGLOBAL COMMUNICATION SERVICES LIMITED
address: flat/rm 801 join-in Hang Sing Centre,, 2-16 Kwai Fung Crescent, Kwai Chung, NT.,, Hong Kong
auth: # Filtered
org-name: TELEGLOBAL COMMUNICATION SERVICES LIMITED
address: flat/rm 801 join-in Hang Sing Centre,
address: 2-16 Kwai Fung Crescent, Kwai Chung, NT.,
The Russian uplink to AS20485 Closed Joint Stock Company TransTeleCom was created on October 1, 2017, according to this article:
The North Korean AS131279 was created on December 21, 2009. The uplink to the Chinese AS4837 went live on September 17, 2010 at 08:00 UTC.
November 2019: Academia Program and Inline Filters 🎓 Academia Program We are now offering free access to members of schools and universities. Accounts that register on intelx.io with an email address from a school or university get upgraded automatically. We have published a list of supported domains and add new ones on request. You can
Minutes ago (evening of November 21, 2019) we just stopped an unsuccessful login bruteforce attack. The attacker’s email address is email@example.com and the IPs used in the attack are 18.104.22.168 (a NordVPN IP), 22.214.171.124 and 126.96.36.199. There were 27,601 login attempts from those IPs before stopped by Intelligence X staff. As clearly stated in our
We have added inline statistics & filters. After searching, you can filter by data source, file type or date. Click on the summary line to expand the full statistics view and then click on either the data source, file type or the date heatmap.