← Back to feed
AS23724 IDC, China Telecommunications Corporation
ASN Active mediumWhy this campaign was detected
6 IPs from the same network (IDC, China Telecommunications Corporation, AS23724) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS23724 · IDC, China Telecommunications Corporation
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
6 IPs
Below average
Total Events
863
Below average by volume
Started / Ended
2026-03-03 14:11 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 36.110.172.218 | credential_harvester | 66% | 1x OSINT | 255 | 2 | ssh:bruteforce | — | 2026-05-22 05:04 | evidence → |
| 119.255.245.44 | credential_harvester | 59% | 1x OSINT | 480 | 1 | ssh:bruteforce | — | 2026-05-22 13:46 | evidence → |
| 203.0.104.170 | scanner | 56% | 1x OSINT | 80 | 1 | ssh:bruteforce | — | 2026-05-22 16:33 | evidence → |
| 122.115.224.56 | opportunistic_bruter | 41% | 23 | 1 | ssh:bruteforce | — | 2026-05-18 13:12 | evidence → | |
| 101.237.36.193 | scanner | 38% | 1x OSINT | 10 | 1 | ssh:bruteforce | — | 2026-05-20 13:11 | evidence → |
| 117.79.132.166 | scanner | 37% | 1x OSINT | 15 | 2 | ssh:bruteforce | — | 2026-05-16 02:03 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds