IOC Radar
IP · Medium · Signal 62/100

8.222.225.8

Location: Singapore (Singapore, Unknown)
ASN: AS45102 (Alibaba.com Singapore E-Commerce Private Limited)
First Seen: Nov 29, 2024 (576d ago)
Last Seen: Apr 21, 2026 (68d ago)
Reports: 16 source reports
Confidence: 62% (medium)
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

67 techniques

Network Information

Country: SG (Singapore)
Region: Singapore, Unknown
ASN: AS45102
Organization: Alibaba.com Singapore E-Commerce Private Limited

Feed Intelligence Summary

Source reports: 16
Confidence score: 62%
Category tags
abuse, active scan, active scanning, aerospace & defense, against present, akira, anti-debugging, anti-vm, apt, asia, asyncrat, back, backdoor, bad reputation, belarus, beyond, bitcoin, blockchain, body, botnet, botnet activity, brute force, brute_force, c2 communication, china-nexus apt, chisel, click-based attack, cloud computing, cloud infrastructure, cloud migration, cloud security, cloud services, cloud storage, cluster, cobalt strike, code execution, code injection, cold, command & control, command and control, command execution, comment, commodity contracts intermediation, communication protocol, communication technologies, conti, core, crash, credential access, credential dumping, credential harvesting, credential stuffing, credential_access, crypto exchange, crypto mining, crypto wallet, cryptocurrency, cta, custom malware, cyber espionage, cyber risk, darkgate, darkside, data encryption, data exfiltration, data store exposure, data theft, dcrat, ddos, decentralized finance, defense, defense contracting, defense evasion, defense logistics, defense systems, defense technology, delta, demo, denial of service, digital currency, disease, distributed attacks, dll injection, done, donut, driver loading, drop, elevate, encrypt, encrypted communication, encryption, eol vulnerability, europe, exploit, exploitation activity, extortion, false, figcaption, figure, fileless malware, files, find, first, format, freebsd, freebsd shell, ftp, gemini, ghost, ghosttown, gobrat, gobrat orb, gobratt orb, google threat, grep, gtig, hashes, hook, hooks, http scanner, https, hybrid, icmp, identity & access exploitation, impact, impair defenses, import, indicator, indonesia, info, information technology, ingress tool transfer, injection activity, input validation bypass, inside, install, iot security, it infrastructure, juniper, juniper malware, juniper mx, juniper networks, juniper routers, junos, junos os, kernel exploit, kill, kimsuky, lateral movement, launch, launcher, learn, linux malware, loader, lockbit, logic, loop, lost, macho, malicious activity, malicious download, malicious links, malicious powershell activity, malicious software, malware, malware distribution, media, medusa, metasploit, micro, middle, military operations, mobile, mobile carriers, mobile networks, mobile security, monitoring, multi-cloud management, nation-state activity, national security, network, network attacks, network compromise, network device compromise, network intrusion, network protocol, network scanning, network security, network_reconnaissance, news, next, nirvana, noescape, normal file, outside, path traversal, phishing, phishing attack, play, poolrat, process injection, protect, protocol exploitation, push, python, qakbot, qilin, ransomhouse, ransomware, rapid, recon, reconnaissance, registry run keys, remote access, remote access tool, remote services, reports, reptile, researched, risk, rogue threat, rootkit, router exploit, ruby, rust, scanner, scheduled task, school, scripting attacks, security operations, service, sg, shadow, shell, singapore, slovakia, small, smokeloader, social engineering, software development, software exploitation, span, spawn, ssh attack, stop, stream, strings, strong, suomi, swift, system disruption, t1003, t1005, t1014, t1021, t1021.001, t1027, t1036, t1040, t1041, t1049, t1053, t1053.005, t1055, t1056, t1059, t1059.001, t1059.003, t1059.004, t1064, t1068, t1071, t1071.001, t1074, t1076, t1078, t1086, t1090, t1090.001, t1095, t1102, t1105, t1110, t1110.002, t1133, t1140, t1190, t1199, t1203, t1204, t1204.001, t1204.002, t1205, t1219, t1486, t1490, t1496, t1499.002, t1499.003, t1505.001, t1542, t1547, t1547.001, t1562, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1569.002, t1573, t1573.001, t1595, t1595.001, t1595.002, t1595.003, t1601, target, tbody, tech, telecom services, telecommunication, telecommunications, telnet threat, term, threat actor, threat actor activity, threat intelligence, tinyshell, tools, tor node, trace, trend micro, trend vision, tron, turla, uefi bootkit, ukraine, unauthorized devices, unc3886, urls, user execution, veriexec bypass, verify, vmware, voice, vulnerability scan, warzone, web application attack, web application exploitation, web traffic, whispergate, windows malware, wmi event subscription, write, zero, zipline

Activity Timeline

1 total obs (Apr 21)

Threat Activity Heatmap

Peak: 2026-04-21
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 62
Confidence: 62%
Reports: 16
First seen: Nov 29, 2024
Last seen: Apr 21, 2026
Geolocation: SG
Country: Singapore
Location: Singapore, Unknown
ASN: AS45102
Org: Alibaba.com Singapore E-Commerce Private Limited
Coords: 1.3521, 103.8200

VirusTotal

Not checked

WHOIS

description
CC=SG ASN=ASNone
raw
inetnum: 8.208.0.0 - 8.223.255.255
netname: ASEPL-SG
descr: Alibaba Cloud (Singapore) Private Limited
descr: 51 Bras Basah Road #03-06 Lazada One Singapore 189554, Singapore
country: SG
org: ORG-ASEP1-AP
admin-c: ASEP1-AP
tech-c: ASEP1-AP
abuse-c: AA1926-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-ASEPL-SG
mnt-routes: MAINT-ASEPL-SG
mnt-irt: IRT-ASEPL-SG
last-modified: 2023-11-09T06:37:20Z
source: APNIC

irt: IRT-ASEPL-SG
address: 1 Raffles Place
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ASEP1-AP
tech-c: ASEP1-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-14
mnt-by: MAINT-ASEPL-SG
last-modified: 2025-09-04T07:13:51Z
source: APNIC

organisation: ORG-ASEP1-AP
org-name: Alibaba Cloud (Singapore) Private Limited
org-type: LIR
country: SG
address: 51 Bras Basah Road # 03-06 Lazada One Singapore 189554
phone: +8657185022088-76449
e-mail: [email protected]
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2024-07-11T12:55:24Z
source: APNIC

role: ABUSE ASEPLSG
country: ZZ
address: 1 Raffles Place # 59-00 One Raffles Place, Tower One Singapore, Singapore
phone: +000000000
e-mail: [email protected]
admin-c: ASEP1-AP
tech-c: ASEP1-AP
nic-hdl: AA1926-AP
remarks: Generated from irt object IRT-ASEPL-SG
remarks: [email protected] was validated on 2025-04-14
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-14T07:19:41Z
source: APNIC

role: Alibabacom Singapore E-Commerce Private Limited a
address: 1 Raffles Place #59-00 One Raffles Place, Tower One Singapore, Singapore
country: SG
phone: +86-571-85022088
fax-no: +86-571-85022088
e-mail: [email protected]
admin-c: ASEP1-AP
tech-c: ASEP1-AP
nic-hdl: ASEP1-AP
mnt-by: MAINT-ASEPL-SG
last-modified: 2025-07-01T06:25:24Z
source: APNIC

route: 8.222.225.0/24
origin: AS134963
descr: Alibaba.com Singapore E-Commerce Private Limited 51 Bras Basah Road #04-08 Lazada One Singapore 189554
mnt-by: MAINT-ASEPL-SG
last-modified: 2022-10-19T17:44:16Z
source: APNIC

route: 8.222.225.0/24
origin: AS45102
descr: Alibaba.com Singapore E-Commerce Private Limited 51 Bras Basah Road #04-08 Lazada One Singapore 189554
mnt-by: MAINT-ASEPL-SG
last-modified: 2022-10-19T17:08:10Z
source: APNIC
references
https://www.trendmicro.com/en_us/research/25/g/revisiting-unc3886-tactics-to-defend-against-present-risk.html
https://feeds.feedburner.com/threatintelligence/pvexyqv7v0v
https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 16 threat reports