IPMediumSignal 41/100
8.210.108.254
Location
Hong KongHong Kong, HCW
ASN
AS45102
Hong Kong
First Seen
May 23, 2025
Last Seen
Apr 15, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
41%
Signal Score
41 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryHong Kong
Hong KongRegionHong Kong, HCW
ASNAS45102
OrganizationHong Kong
Feed Intelligence Summary
15 reports41% confidence
15
Source reports
41%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningapplication layer protocolasiaattackaustraliaauthentication abuseauthentication attacksautomated attackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptbruteforcebruteforcingc2 communicationcloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommand and controlcommunication protocolcompromised hostcredential accesscredential stuffingdata exfiltrationdata store exposureddosddos participationdecoy systemdenial of servicedistributed attackseuropeexploit activityexploitation activityexploited hostexternal threat actorfail2ban triggeredfailed login attemptsfinlandfranceftp brute forcegermanyhackinghoneynet connecthong konghttp brute forceidentity & access exploitationindicatorinjection activitylog analysislogin attemptlogin brute forcemalicious activitymalicious domainmalicious softwaremalwaremalware distributionnetworknetwork intrusionnetwork intrusion detectionnetwork probenetwork probingnetwork reconnaissancenetwork scanningnetwork securitynorth americaoceaniapassword attackpassword attackspolandpossible intrusion attemptpossible vulnerability exploitationpotential brute forceprocess injectionprotocol exploitationransomwarereconnaissanceremote accessresearchedresource hijackingscanscannerscannersscanning activitysecurity operationssecurity policyservice enumerationsipsmtp brute forcesocradar honeypotsshssh attackt1018t1021t1021.001t1021.002t1021.004t1040t1046t1055t1059t1059.004t1068t1071t1071.001t1078t1078.004t1083t1087t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1565t1573t1573.001t1589t1589.002t1590t1591t1592t1592.001t1593t1595t1595.001t1595.002t1595.003tcp scantelecommunicationstelnet threatthreat actorthreat intelligencethreat preventiontor nodeudp scanunauthorized access attemptunauthorized login attemptsunited kingdomunited statesvoipvulnerability scanvultrweb application attackweb exploitation
Activity Timeline
Apr 15Apr 15
Threat Activity Heatmap
· Peak: 2026-04-15LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
41
SIGNAL
Signal Score
41%
Confidence
15
Reports
First seenMay 23, 2025
Last seenApr 15, 2026
GeolocationHK
CountryHong Kong
LocationHong Kong, HCW
ASNAS45102
OrgHong Kong
Coords22.2908, 114.1501
VirusTotal
Not checked
WHOIS
- description
- IPV4 hosts detected attempting to brute force SSH on private honeypot
- raw
- inetnum: 8.208.0.0 - 8.223.255.255 netname: ASEPL-SG descr: Alibaba Cloud (Singapore) Private Limited descr: 51 Bras Basah Road #03-06 Lazada One Singapore 189554, Singapore country: SG org: ORG-ASEP1-AP admin-c: ASEP1-AP tech-c: ASEP1-AP abuse-c: AA1926-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-ASEPL-SG mnt-routes: MAINT-ASEPL-SG mnt-irt: IRT-ASEPL-SG last-modified: 2023-11-09T06:37:20Z source: APNIC irt: IRT-ASEPL-SG address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore e-mail: [email protected] abuse-mailbox: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-14 mnt-by: MAINT-ASEPL-SG last-modified: 2025-04-14T07:19:15Z source: APNIC organisation: ORG-ASEP1-AP org-name: Alibaba Cloud (Singapore) Private Limited org-type: LIR country: SG address: 51 Bras Basah Road # 03-06 Lazada One Singapore 189554 phone: +8657185022088-76449 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2024-07-11T12:55:24Z source: APNIC role: ABUSE ASEPLSG country: ZZ address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore phone: +000000000 e-mail: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP nic-hdl: AA1926-AP remarks: Generated from irt object IRT-ASEPL-SG remarks: [email protected] was validated on 2025-04-14 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-14T07:19:41Z source: APNIC role: Alibabacom Singapore E-Commerce Private Limited a address: 1 Raffles Place #59-00 One Raffles Place, Tower One Singapore, Singapore country: SG phone: +86-571-85022088 fax-no: +86-571-85022088 e-mail: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP nic-hdl: ASEP1-AP mnt-by: MAINT-ASEPL-SG last-modified: 2015-12-10T01:04:19Z source: APNIC route: 8.210.108.0/24 origin: AS134963 descr: Alibaba.com Singapore E-Commerce Private Limited 8 Shenton Way, #45-01 AXA Tower, Singapore 068811 mnt-by: MAINT-ASEPL-SG last-modified: 2020-01-20T07:42:26Z source: APNIC route: 8.210.108.0/24 origin: AS45102 descr: Alibaba.com Singapore E-Commerce Private Limited 8 Shenton Way, #45-01 AXA Tower, Singapore 068811 mnt-by: MAINT-ASEPL-SG last-modified: 2020-01-20T07:04:08Z source: APNIC
- references
- https://redpiranha.net, https://jamesbrine.com.au/bruteforce-ip-list-2025-09-03/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrparis-ssh-bruteforce-ip-list-2025-07-30/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 2 months ago
Appeared in 15 threat reports