IOC Radar
IP · Medium · Signal 100/100

8.134.199.119

Location: China, Guangzhou, Guangdong
ASN: AS37963, Alibaba.com LLC
First Seen: Apr 10, 2025 (425d ago)
Last Seen: Apr 11, 2026 (60d ago)
Reports: 10 source reports
Confidence: 99% (medium)
VirusTotal: 4/91 detections
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

35 techniques

Network Information

Country: CN (China)
Region: Guangzhou, Guangdong
ASN: AS37963
Organization: Alibaba.com LLC

Feed Intelligence Summary

Source reports: 10
Confidence score: 99%
Category tags
active scan; active scanning; apt; arm; ascii; asia; asyncrat; attack; backdoor; base64-loader; botnet; botnet activity; botnetdomain; brute force; censys; china; clipboardhijacker; code injection; coinminer; command and control; command execution; credential access; credential harvesting; credential stuffing; cryptocurrency; darktortilla; darkvisionrat; data exfiltration; data store exposure; dbatloader; dcrat; ddos; ddos attacks; ddosagent; distributed attacks; dll; doc; dropped-by-lummastealer; elf; encoded; exe; executable file; exploitation activity; fakecaptcha; ftp brute force; gafgyt; getshell; guloader; hajime; hijackloader; hta; html; http brute force; identity & access exploitation; indicator; infostealer; injection activity; internet of things; iot botnet; iot security; iot/ics attack; jpg-base64-loader; loki; lummastealer; malicious activity; malicious powershell activity; malicious software; malware; meterpreter; mips; mirai botnet; modiloader; moobot; mozi; msi; network; network reconnaissance; network scanning; opendir; phishing; phishing attack; process injection; ps1; quasarrat; raccoonclipper; ransomware; rat; reconnaissance; remcosrat; remote access; remote services; researched; rev-base64-loader; saint helena, ascension and tristan da cunha; scams & fraud; scripting attacks; service scan; sliver; smartloader; smoke loader; social engineering; ssh attack; sshdkit; t1021; t1021.001; t1027; t1040; t1055; t1059; t1059.001; t1059.007; t1071; t1071.001; t1076; t1086; t1105; t1110; t1110.002; t1133; t1189; t1190; t1204; t1204.001; t1204.002; t1486; t1496; t1499.002; t1499.003; t1563; t1565; t1566; t1566.001; t1566.002; t1566.003; t1595; t1595.001; t1595.002; t1595.003; threat actor; tor node; tsunami; ua-wget; udp port scan; vidar; vipkeylogger; web exploitation; xloader; xworm; zip

Activity Timeline

1 total obs
Apr 11 to Apr 11

Threat Activity Heatmap

[Heatmap: activity by weekday (Mon, Wed, Fri rows), Jun through Jun; peak 2026-04-11]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 10
First seen: Apr 10, 2025
Last seen: Apr 11, 2026
Geolocation: CN
Country: China
Location: Guangzhou, Guangdong
ASN: AS37963
Org: Alibaba.com LLC
Coords: 23.1181, 113.2539

VirusTotal

4/91 vendors flagged
4% detection rate · Jun 8, 2026

WHOIS

inetnum: 8.128.0.0 - 8.159.255.255
netname: ALICLOUD
descr: Aliyun Computing Co.LTD
country: CN
admin-c: ASEP1-AP
tech-c: ASEP1-AP
abuse-c: AA1926-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-ASEPL-SG
mnt-irt: IRT-ASEPL-SG
last-modified: 2021-04-14T01:11:45Z
source: APNIC

irt: IRT-ASEPL-SG
address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ASEP1-AP
tech-c: ASEP1-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-14
mnt-by: MAINT-ASEPL-SG
last-modified: 2025-04-14T07:19:15Z
source: APNIC

role: ABUSE ASEPLSG
country: ZZ
address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore
phone: +000000000
e-mail: [email protected]
admin-c: ASEP1-AP
tech-c: ASEP1-AP
nic-hdl: AA1926-AP
remarks: Generated from irt object IRT-ASEPL-SG
remarks: [email protected] was validated on 2025-04-14
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-14T07:19:41Z
source: APNIC

role: Alibabacom Singapore E-Commerce Private Limited a
address: 1 Raffles Place #59-00 One Raffles Place, Tower One Singapore, Singapore
country: SG
phone: +86-571-85022088
fax-no: +86-571-85022088
e-mail: [email protected]
admin-c: ASEP1-AP
tech-c: ASEP1-AP
nic-hdl: ASEP1-AP
mnt-by: MAINT-ASEPL-SG
last-modified: 2025-07-01T06:25:24Z
source: APNIC

route: 8.134.199.0/24
origin: AS37963
descr: Alibaba.com Singapore E-Commerce Private Limited 8 Shenton Way, #45-01 AXA Tower, Singapore 068811
mnt-by: MAINT-ASEPL-SG
last-modified: 2020-02-25T09:24:02Z
source: APNIC
references
https://urlhaus.abuse.ch/browse/

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports