← Back to feed
AS17623 China Unicom Shenzen network
ASN Active mediumWhy this campaign was detected
6 IPs from the same network (China Unicom Shenzen network, AS17623) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS17623 · China Unicom Shenzen network
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
6 IPs
Below average
Total Events
34
Below average by volume
Started / Ended
2026-04-13 09:17 — ongoing
Attack Types
MITRE ATT&CK Techniques
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 58.250.244.36 | scanner | 35% | 10 | 2 | ssh:bruteforce | — | 2026-04-15 15:00 | evidence → | |
| 58.250.244.64 | scanner | 29% | 4 | 1 | ssh:bruteforce | — | 2026-04-14 13:24 | evidence → | |
| 58.251.255.86 | scanner | 25% | 4 | 1 | ssh:bruteforce | — | 2026-04-14 18:57 | evidence → | |
| 58.251.255.139 | scanner | 24% | 4 | 1 | ssh:bruteforce | — | 2026-04-14 16:09 | evidence → | |
| 112.91.141.244 | scanner | 24% | 4 | 1 | ssh:bruteforce | — | 2026-04-14 05:17 | evidence → | |
| 112.91.140.209 | scanner | 22% | 8 | 1 | ssh:bruteforce | — | 2026-04-13 10:57 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds