We Looked at What Our Own Scoring Engine Rated Maximum Confidence. It Was Someone Trying to Break In.
- Patrick Duggan
- 12 minutes ago
- 3 min read
We run an autonomous threat scoring engine called OZ. It ingests indicators from our feeds, scores them on a composite of novelty, significance, and confidence, and makes decisions — publish, block, safelist — without a human in the loop for anything below the critical threshold. As of today it has made 8.36 million decisions.
This afternoon we asked a simple question: what did OZ score at maximum confidence? What single indicator, across 8.36 million decisions, earned a perfect score?
The answer was 101.198.0.133.
That IP address belongs to IDC, China Telecommunications Corporation — AS23724, China Telecom's datacenter infrastructure arm, network 101.198.0.0/22. It has 363 reports in AbuseIPDB from 20 distinct reporters. Eight security vendors flag it malicious or suspicious on VirusTotal: Fortinet, BitDefender, CyRadar, SOCRadar, Lionic, G-Data, GreyNoise, CRDF. It appears in 50 OTX threat intelligence pulses.
Forty-nine of those pulses are ours. Because this IP spent several days in late May attacking dugganusa.com.
Three times in 48 hours, on May 24 and May 25, this China Telecom address probed our public-facing application with exploit traffic. Each time, PreCog — our behavioral detection layer — caught it, auto-blocked it, and filed an AbuseIPDB report with the timestamp, the attack category, and the VirusTotal score at the time of blocking. The comments in those reports read: "Detected attacking dugganusa.com | Attack: Exploit Public-Facing Application | VirusTotal: 3 malware detections | Source: DugganUSA PreCog auto-block."
OZ did not score it at maximum confidence because of any single high-value indicator. It scored it at maximum because the same IP appeared across multiple feed sources, generated multiple autonomous block decisions, accumulated abuse reports that fed back into the enrichment pipeline, and that cross-source corroboration drove the BDE score to 100. The system found the attacker by looking at its own telemetry.
This is what vectorized pattern analysis actually means in practice. It does not mean building a model and asking it what is interesting. It means indexing everything — feeds, decisions, enrichment results, abuse reports — in a format where correlations surface automatically when you query across them. The pattern that made this IP a maximum-confidence indicator was not visible in any single source. It emerged from the intersection of the block events, the feed ingestion, the AbuseIPDB enrichment, and the OZ decision history, all pointing at the same address from different angles.
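As an added illustration of that cross-source corroboration (example code written for this page, not OZ or PreCog code), the block below indexes events from several pipeline stages by indicator and scores each address on how many independent angles point at it. The event schema, the source names, the `20*breadth + 5*depth` composite and the `discount_self` option are assumptions chosen for the example. The one check a practitioner will want is the self-origin discount: a block we made, the AbuseIPDB report we filed about it and the OTX pulse we published are one observation re-ingested three times, and the scorer should not count that chain as three independent corroborations. The attacker IP is the one from the post; every reporter, vendor, pulse name and other address below is a constructed placeholder.

```python
"""Cross-source corroboration scoring over an indexed event corpus.

Added example, not OZ or PreCog code. The event schema, source names,
the 20*breadth + 5*depth composite and the self-origin discount are
assumptions chosen for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    indicator: str   # IP being scored
    source: str      # pipeline stage that produced the evidence
    reporter: str    # who originated it; "self" marks our own telemetry
    detail: str = ""


SELF = "self"
MAX_SCORE = 100


def index_events(events):
    """Index every event by indicator so a cross-source query is one lookup."""
    index = defaultdict(list)
    for ev in events:
        index[ev.indicator].append(ev)
    return index


def evidence_lines(events, discount_self=True):
    """Reduce raw events to distinct (source, reporter) evidence lines.

    With discount_self=True all self-originated evidence collapses into a
    single line: our block, our AbuseIPDB report and our OTX pulse about the
    same address are one observation re-ingested, not three corroborations.
    """
    lines = set()
    self_seen = False
    for ev in events:
        if ev.reporter == SELF and discount_self:
            self_seen = True
        else:
            lines.add((ev.source, ev.reporter))
    if self_seen:
        lines.add(("self_telemetry", SELF))
    return lines


def corroboration_score(events, discount_self=True):
    """Composite 0..100: breadth (distinct sources) dominates, depth (distinct
    evidence lines) adds a capped bonus, so one source alone never hits 100."""
    lines = evidence_lines(events, discount_self)
    breadth = len({source for source, _ in lines})
    depth = len(lines)
    return min(MAX_SCORE, 20 * breadth + 5 * min(depth, 8))


def rank(index, discount_self=True):
    """Score every indexed indicator, highest first (ties broken by address)."""
    scored = [(ind, corroboration_score(evs, discount_self)) for ind, evs in index.items()]
    return sorted(scored, key=lambda kv: (-kv[1], kv[0]))


def max_confidence(index, discount_self=True):
    """The question from the post: which indicators did the engine rate highest?"""
    ranked = rank(index, discount_self)
    top = ranked[0][1]
    return [ind for ind, score in ranked if score == top]


# Constructed sample corpus. The attacker IP is the one from the post; every
# reporter, vendor, pulse name and other address is a placeholder (RFC 5737).
SAMPLE_EVENTS = [
    # our own telemetry chain: three blocks, each filed to AbuseIPDB and OTX
    *[Event("101.198.0.133", "precog_block", SELF, "Exploit Public-Facing Application") for _ in range(3)],
    *[Event("101.198.0.133", "abuseipdb", SELF) for _ in range(3)],
    *[Event("101.198.0.133", "otx_pulse", SELF, f"pulse-{i}") for i in range(3)],
    # external corroboration of the same address
    Event("101.198.0.133", "abuseipdb", "reporter-A"),
    Event("101.198.0.133", "abuseipdb", "reporter-B"),
    Event("101.198.0.133", "virustotal", "vendor-1"),
    Event("101.198.0.133", "virustotal", "vendor-2"),
    Event("101.198.0.133", "otx_pulse", "other-pulse-author"),
    # an address only our own pipeline has ever talked about (the feedback loop)
    Event("203.0.113.7", "precog_block", SELF),
    Event("203.0.113.7", "abuseipdb", SELF),
    Event("203.0.113.7", "otx_pulse", SELF),
    # an address seen once in someone else's feed
    Event("198.51.100.9", "otx_pulse", "other-pulse-author"),
]

if __name__ == "__main__":
    idx = index_events(SAMPLE_EVENTS)
    for discount in (True, False):
        print(f"discount_self={discount}:", rank(idx, discount))
    print("max confidence:", max_confidence(idx))
```

Run it and the genuinely corroborated address scores 100 whether or not self-origin evidence is discounted, because external reporters, vendors and a foreign pulse all point at it independently. The loop-only address is the interesting one: it scores 75 when our own block, report and pulse are counted as three sources, and 25 once they are collapsed to the single observation they actually are. That gap is the feedback loop a self-reporting pipeline has to guard against before trusting its own maximum-confidence answer.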
The observation is a small one. China Telecom datacenter infrastructure probing a threat intelligence platform is not surprising. That the probe failed is not surprising. That the platform documented it, reported it, scored it, published it, and then found it again by asking what it was most confident about — that is the part that is worth writing down.
The attacker tried to exploit a platform that indexes attackers. The platform indexed them. They are now in 50 OTX pulses, an AbuseIPDB record with 363 reports, a VirusTotal entry with eight vendor detections, and a STIX feed consumed by enterprise security operations teams. They achieved the opposite of their intent. The platform does not just protect itself; it documents the people who test it.
The VShell cluster we found in the same session — seven IPs across AS984, OCTOPUS WEB SOLUTION INC, Hong Kong, all running VShell C2 listeners on port 8884 with the documented 637-byte authentication fingerprint — is a different story and a different post. But it came from the same question: what is the engine actually seeing? The answer today was one attacker who hit us and got documented, and one cluster of Chinese-nexus post-exploitation infrastructure that nobody asked for specifically but the data surfaced anyway.
That is the methodology. Not clever queries. Not expert intuition applied to a filtered dataset. An engine that scores everything it sees, a corpus that accumulates the results, and the willingness to ask what the machine rated highest and actually look at the answer.
The answer today was China Telecom trying our door. The door held. The receipt exists.
