IOC Radar
IPMediumSignal 54/100

8.222.218.20

Location
SingaporeSingapore
Singapore, North West
ASN
AS45102
Alibaba.com Singapore E-Commerce Private Limited
First Seen
Jun 26, 2024
Last Seen
Jun 7, 2026
Jun 26
First Seen
716d ago
Jun 7
Last Seen
6d ago
10
Reports
source reports
54%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
54%
Signal Score
54 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

63 techniques

Network Information

CountrySGSingapore
RegionSingapore, North West
ASNAS45102
OrganizationAlibaba.com Singapore E-Commerce Private Limited

Feed Intelligence Summary

10 reports54% confidence
10
Source reports
54%
Confidence score
Category tags
active scanningaerospace & defenseagainst presentai applicationsai infrastructureai researchai solutionsalibabaamosandroid appandroid bankingandroid trojananti-debugginganti-vmaptartificial intelligenceasiaatomic macosatomic macos stealerbeyondbotnetbrute forcebrute_forcec2 communicationc2 serverchina-nexus aptcloud computingcloud migrationcloud securitycloud servicescloud storagecode executioncommand and controlcommand executioncommunication protocolcommunication technologiescomputer securitycomputer visioncontactcredential accesscredential dumpingcredential harvestingcredential stuffingcredential theftcredential_accesscryptocurrency threatscryptojackingcvecyber attackscyber espionagecyber newscyber riskcyber security newscyber security updatescyber updatesdata breachdata encryptiondata exfiltrationdata poisoningdeep learningdefensedefense contractingdefense evasiondefense logisticsdefense systemsdefense technologydemodiseasedistributed attacksdll injectiondmitry kalinindownload filedriver loadingencrypted communicationenergyenergy distributionexploitextortionfileless malwarefilesfinancefindftpftp brute forcefuturegithubgoogle drivegpkigpuhacker newshacking newshookhookshow to hackhttp scannerhttpshybridicmpimpactin the wildindicatorindonesiainformation securityinformation technologyinfostealerinfrastructure acquisitionreconnaissanceingress tool transferinitial accessinsideinsiktinsikt groupinstallit infrastructurejuniperkalininkernel exploitkilllateral movementlauncherlearnlinuxmachine learningmacosmalicious activitymalicious downloadmalicious softwaremalwaremalware distributionmanualmarkopolomedusamicromilitary operationsmobilemobile carriersmobile networksmobile securitymodel poisoningmopsledmulti-cloud managementnational securitynatural language processingnetworknetwork device compromisenetwork intrusion attemptnetwork reconnaissancenetwork scanningnetwork securitynetwork_reconnaissancenewsnormal filenvidiaoil & gasphishingphishing attackpower generationpower systemsprocess injectionprotectprotocol exploitationpythonransomwarercereconnaissancerecorded futureregistry run keysremote accessremote access toolremote code executionremote servicesrenewable energyreportsreptileresearchedresource hijackingrhttpproxyriskrootkitscheduled tasksecurity operationssingaporesmallsocial engineeringsoftware developmentsoftware exploitationsoftware vulnerabilitysoumnibotsouth koreassh attackstealcstealerstopsuomisupply chainsupply chain vulnerabilitysystem disruptiont1003t1005t1014t1021t1021.001t1027t1036t1040t1041t1049t1053t1055t1056t1059t1059.004t1064t1068t1071t1071.001t1074t1076t1078t1090t1095t1105t1110t1110.002t1134t1140t1190t1192t1199t1203t1205t1210t1219t1486t1490t1496t1499t1499.002t1499.003t1505t1542t1543t1547t1555t1562t1563t1565t1566t1566.001t1566.002t1566.003t1573t1587.001t1590.001t1592t1595t1595.001t1595.002t1595.003t1601tacacstacacs servertelecom servicestelecommunicationstelnet threatthe hacker newsthreat actorthreat intelligencetinyshelltokentrend microtrend visiontriton inference servertwitteruefi bootkitunauthorized accessunc3886uploadurlsvmwarevoicevortaxvulnerabilityweb trafficwmi event subscriptionwrite

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
54
SIGNAL
Signal Score
54%
Confidence
10
Reports
First seenJun 26, 2024
Last seenJun 7, 2026
GeolocationSG
CountrySingapore
LocationSingapore, North West
ASNAS45102
OrgAlibaba.com Singapore E-Commerce Private Limited
Coords1.3673, 103.8014

VirusTotal

Not checked

WHOIS

description
CC=SG ASN=ASNone
raw
inetnum: 8.208.0.0 - 8.223.255.255 netname: ASEPL-SG descr: Alibaba Cloud (Singapore) Private Limited descr: 51 Bras Basah Road #03-06 Lazada One Singapore 189554, Singapore country: SG org: ORG-ASEP1-AP admin-c: ASEP1-AP tech-c: ASEP1-AP abuse-c: AA1926-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-ASEPL-SG mnt-routes: MAINT-ASEPL-SG mnt-irt: IRT-ASEPL-SG last-modified: 2023-11-09T06:37:20Z source: APNIC irt: IRT-ASEPL-SG address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore e-mail: [email protected] abuse-mailbox: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-14 mnt-by: MAINT-ASEPL-SG last-modified: 2025-04-14T07:19:15Z source: APNIC organisation: ORG-ASEP1-AP org-name: Alibaba Cloud (Singapore) Private Limited org-type: LIR country: SG address: 51 Bras Basah Road # 03-06 Lazada One Singapore 189554 phone: +8657185022088-76449 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2024-07-11T12:55:24Z source: APNIC role: ABUSE ASEPLSG country: ZZ address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore phone: +000000000 e-mail: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP nic-hdl: AA1926-AP remarks: Generated from irt object IRT-ASEPL-SG remarks: [email protected] was validated on 2025-04-14 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-14T07:19:41Z source: APNIC role: Alibabacom Singapore E-Commerce Private Limited a address: 1 Raffles Place #59-00 One Raffles Place, Tower One Singapore, Singapore country: SG phone: +86-571-85022088 fax-no: +86-571-85022088 e-mail: [email protected] admin-c: ASEP1-AP tech-c: ASEP1-AP nic-hdl: ASEP1-AP mnt-by: MAINT-ASEPL-SG last-modified: 2025-07-01T06:25:24Z source: APNIC route: 8.222.218.0/24 origin: AS134963 descr: Alibaba.com Singapore E-Commerce Private Limited 51 Bras Basah Road #04-08 Lazada One Singapore 189554 mnt-by: MAINT-ASEPL-SG last-modified: 2022-10-19T17:43:32Z source: APNIC route: 8.222.218.0/24 origin: AS45102 descr: Alibaba.com Singapore E-Commerce Private Limited 51 Bras Basah Road #04-08 Lazada One Singapore 189554 mnt-by: MAINT-ASEPL-SG last-modified: 2022-10-19T17:04:08Z source: APNIC
references
https://cloud.google.com/blog/topics/threat-intelligence/uncovering-unc3886-espionage-operations, Cyber Threat Advisory - Chained Vulnerabilities in NVIDIA Triton Expose AI Servers to Remote Code Execution.pdf, https://www.trendmicro.com/en_us/research/25/g/revisiting-unc3886-tactics-to-defend-against-present-risk.html, https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 6 days ago
Appeared in 10 threat reports