IOC Radar
IP · Medium · Signal 59/100

106.12.15.45

Location
China
Beijing, Beijing
ASN
AS38365
Beijing Baidu Netcom Science and Technology Co., Ltd.
First Seen
Apr 16, 2026 (58d ago)
Last Seen
May 4, 2026 (41d ago)
Reports
9 source reports
Confidence
59% (medium)
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
59%
Signal Score
59 / 100
IDS Rule
No
Threat Context
Tags

Network Information

Country: China (CN)
Region: Beijing, Beijing
ASN: AS38365
Organization: Beijing Baidu Netcom Science and Technology Co., Ltd.

Feed Intelligence Summary

9 source reports · 59% confidence score
Category tags
abuse, active scan, apt, asia, bad reputation, blocklist, brute force, brute-force, bruteforce, china, cn, credential stuffing, credential-attack, exploitation activity, identity & access exploitation, indicator, network, researched, scanner, ssh, ssh attack, threat actor, tpot

Activity Timeline

1 total obs
May 4

Threat Activity Heatmap

Peak: 2026-05-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 59
Confidence: 59%
Reports: 9
First seen: Apr 16, 2026
Last seen: May 4, 2026
Geolocation: CN
Country: China
Location: Beijing, Beijing
ASN: AS38365
Org: Beijing Baidu Netcom Science and Technology Co., Ltd.
Coords: 39.9042, 116.4070

VirusTotal

Not checked

WHOIS

description
Score: 50/100. Labels: abuseipdb:brute-force, abuseipdb:low, abuseipdb:reported, abuseipdb:ssh, cowrie, firehol:unlisted. 106.12.15.45 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, low, reported).
raw
inetnum: 106.12.0.0 - 106.13.255.255
netname: Baidu
descr: Beijing Baidu Netcom Science and Technology Co., Ltd.
descr: Baidu Plaza, No.10, Shangdi 10th street,
descr: Haidian District Beijing,100080
country: CN
admin-c: BN261-AP
tech-c: BN261-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-BAIDU-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
last-modified: 2024-03-11T23:30:43Z
source: APNIC

irt: IRT-BAIDU-CN
address: 12f,lixiang building ,zhongguancun,beijing
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ZKY3-AP
tech-c: ZKY3-AP
auth: # Filtered
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-18T00:35:07Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: [email protected] is invalid
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC

person: Baidu Noc
address: Baidu Campus,NO.10 Shangdi 10th Street,Haidian District,Beijing The People's Republic of China 100085
country: CN
phone: +86-18110062082
e-mail: [email protected]
nic-hdl: BN261-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2024-03-11T23:28:23Z
source: APNIC

route: 106.12.0.0/18
descr: Baidu
country: CN
origin: AS38365
notify: [email protected]
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-12-21T02:20:17Z
source: APNIC

route: 106.12.0.0/18
descr: Baidu
country: CN
origin: AS55967
notify: [email protected]
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-12-21T02:20:23Z
source: APNIC


IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 9 threat reports