IPMediumSignal 100/100
8.221.137.58
Location
JapanTokyo, Tokyo
ASN
AS45102
Alibaba.com Singapore E-Commerce Private Limited
First Seen
Jun 28, 2024
Last Seen
Nov 19, 2025
Found in 26 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryJapan
JapanRegionTokyo, Tokyo
ASNAS45102
OrganizationAlibaba.com Singapore E-Commerce Private Limited
IP Category
⬢
Hosting
Hosting provider
Feed Intelligence Summary
26 reports99% confidence
26
Source reports
99%
Confidence score
Category tags
abuseabuseipdbaccess controlactive scanningapacheapache attackerasiaattackaustraliaauthentication abuseauthentication attemptsauto-generated securitybotnetbrute forcebrute force attackbrute force attacksbrute force attemptsc2c2 communicationc2 servercertcisco devicecitrix securitycommand and controlcommunication protocolcompromised hostcompromised hostscowrie honeypotcowrie interactionscowrie ssh attackscowrie ssh honeypotcredential accesscredential attackcredential harvestingcredential stuffingctadata exfiltrationdata theftdatabase attacksdatabase securitydcom exploitationddosddos attacksdecoy systemdenial of servicedevice managementdionaea honeypotdionaea interactionsdionaea malware samplesdionaea payloadsdistributed attacksenterprise networkingenterprise securityenumerationeuropeexploitexploit attemptsexploitationexploitation attemptexploited hostexternal threatfailed login attemptsfattfatt detectionsfatt signaturesfin scanfinlandfrancefraud voipftpftp brute forcegermanyhackinghoneynet connecthoneytrap eventshoneytrap exploit attemptshoneytrap honeypothoneytrap interactionshttp attackhttp brute forcehttp probinghttp scannericmpindicatorinformation gatheringinfrastructure acquisitionreconnaissanceinitial accessinjection attacksinternet of thingsintrusion detectioniociot botnetiot/ics attackjapanjplamplamp server attacklateral movementlateral movement techniqueslogin attemptmailoney eventsmailoney honeypotmailoney interactionsmalicious activitymalicious file transfermalicious scanmalicious softwaremalicious trafficmalwaremalware analysismalware behaviourmalware capturemalware delivery attemptmalware distributionmalware propagationmanualmicrosoft technologiesmirai botnetmysql brute forcenetworknetwork attacksnetwork discoverynetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork intrusion detectionnetwork probenetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnorth americanull scanoceaniap0fp0f network fingerprintingp0f signaturespassword attackpassword attacksphishingphishing attackphishing trappolandpossible reconnaissancepotential botnet activitypotential exploit attemptspotential intrusionpotential intrusion attemptprocess injectionprotocol exploitationreconnaissancereconnaissance activityremote accessremote access attackremote servicesresearchedresource hijackingrpcscanscannerscanning activityscripting attackssecurity policysensor-taggedsentrypeer botnetsentrypeer eventssentrypeer interactionsservice discoveryservice enumerationsftp attacksingaporesip brute forcesmtpsmtp attacksmtp brute forcesmtp probingsmtp scanningsocial engineeringsocradarsocradar honeypotspamssh attackssh monitoringsuricata alertssynsyn scant1005t1016t1016.001t1018t1020t1021t1021.001t1021.002t1021.004t1040t1041t1046t1047t1053t1055t1059t1059.003t1059.004t1059.007t1068t1071t1071.001t1076t1078t1083t1087t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1195t1199t1203t1204.002t1210t1213t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1572t1573t1573.001t1583t1587.001t1588t1590.001t1592t1595t1595.001t1595.002t1595.003tannertanner eventstanner interactionstcp protocoltcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontpottpotceudp port scanudp scanunauthorized accessunauthorized access attemptunauthorized loginunited statesvnc protocolvoipvoip attackvulnerability scanweb application attackweb application attacksweb application scanningweb attackweb exploitationweb shell detectionweb trafficxmas scan
Activity Timeline
Nov 19Nov 19
Threat Activity Heatmap
· Peak: 2025-11-19LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
26
Reports
First seenJun 28, 2024
Last seenNov 19, 2025
GeolocationJP
CountryJapan
LocationTokyo, Tokyo
ASNAS45102
OrgAlibaba.com Singapore E-Commerce Private Limited
Coords35.6893, 139.6899
Hosting
VirusTotal
Not checked
WHOIS
- description
- Observed on T-Pot within last 24h; sensors=honeytrap, p0f, suricata; threshold?1; private IPs excluded.
- raw
- inetnum: 8.208.0.0 - 8.223.255.255 netname: ASEPL-SG descr: Alibaba Cloud (Singapore) Private Limited descr: 51 Bras Basah Road #03-06 Lazada One Singapore 189554, Singapore country: SG org: ORG-ASEP1-AP admin-c: ASEP1-AP tech-c: ASEP1-AP abuse-c: AA1926-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-ASEPL-SG mnt-routes: MAINT-ASEPL-SG mnt-irt: IRT-ASEPL-SG last-modified: 2023-11-09T06:37:20Z source: APNIC irt: IRT-ASEPL-SG address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore e-mail: [email protected] abuse-mailbox: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-14 mnt-by: MAINT-ASEPL-SG last-modified: 2025-04-14T07:19:15Z source: APNIC organisation: ORG-ASEP1-AP org-name: Alibaba Cloud (Singapore) Private Limited org-type: LIR country: SG address: 51 Bras Basah Road # 03-06 Lazada One Singapore 189554 phone: +8657185022088-76449 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2024-07-11T12:55:24Z source: APNIC role: ABUSE ASEPLSG country: ZZ address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore phone: +000000000 e-mail: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP nic-hdl: AA1926-AP remarks: Generated from irt object IRT-ASEPL-SG remarks: [email protected] was validated on 2025-04-14 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-14T07:19:41Z source: APNIC role: Alibabacom Singapore E-Commerce Private Limited a address: 1 Raffles Place #59-00 One Raffles Place, Tower One Singapore, Singapore country: SG phone: +86-571-85022088 fax-no: +86-571-85022088 e-mail: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP nic-hdl: ASEP1-AP mnt-by: MAINT-ASEPL-SG last-modified: 2025-07-01T06:25:24Z source: APNIC route: 8.221.137.0/24 origin: AS134963 descr: Alibaba.com Singapore E-Commerce Private Limited 8 Shenton Way, #45-01 AXA Tower, Singapore 068811 mnt-by: MAINT-ASEPL-SG last-modified: 2020-01-20T08:01:17Z source: APNIC route: 8.221.137.0/24 origin: AS45102 descr: Alibaba.com Singapore E-Commerce Private Limited 8 Shenton Way, #45-01 AXA Tower, Singapore 068811 mnt-by: MAINT-ASEPL-SG last-modified: 2020-01-20T07:33:41Z source: APNIC
- references
- https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, http://cinsscore.com/list/ci-badguys.txt
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 years ago · Last seen 7 months ago
Appeared in 26 threat reports