8.208.10.94 — Alibaba US Technology Co., Ltd., GB — Very High (89%)

Check an IP Address, Domain Name, Subnet, or ASN

8.208.10.94 was found in our database!

Confidence Level

89%

Very High?

Geolocation

🇬🇧

United Kingdom

ISPAlibaba US Technology Co., Ltd.

ASNAS45102

Activity Timeline

First seenJan 23, 2026, 10:00 PM

Last seen40m ago

152Sessions

760Events

Protocol Breakdown

HTTPS

49 / 566

REDIS

22 / 59

POSTGRES

26 / 47

HTTP

13 / 38

TELNET

16 / 22

FTP

9 / 10

MONGODB

10 / 10

MSSQL

6 / 6

IMAP

1 / 2

8.208.10.94 has a very high threat confidence level of 89%, originating from United Kingdom, on the Alibaba US Technology Co., Ltd. network (45102). It has been observed across 152 sessions targeting HTTPS, REDIS, POSTGRES, HTTP, TELNET and 4 other protocols, First observed on January 23, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Redis Service Fingerprint Enumeration

low11x

Identifies Redis service discovery and basic environment enumeration where an actor probes with invalid commands, validates availability using PING, retrieves server metadata via INFO (case variations), and gracefully exits with QUIT. This pattern is commonly used to fingerprint exposed Redis instances before exploitation.

Redis Automated Service Fingerprinting Sequence

low11x

Identifies an automated Redis service probing sequence consisting of PING, INFO (uppercase invocation), execution of a deliberately nonexistent command to assess error handling behavior, and QUIT. This tightly grouped pattern reflects reconnaissance and fingerprinting activity used by scanners and exploitation frameworks to determine Redis version, configuration details, and command availability prior to follow-on exploitation attempts. The inclusion of a nonexistent command indicates capability probing rather than normal client interaction.

Https Root Path Request

info1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Http Bad Request Route Probe

info1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

Primitives

Individual actions observed

Https Path Root145 Redis Ping11 Redis Quit11 Redis Info Uppercase11 Redis Nonexistent Command11 Mongodb Ismaster10 Http Method Get1 Http Path Bad Request1

Related Threats

Explore related threat intelligence

🇬🇧More threats fromUnited Kingdom ASMore threats fromAlibaba US Technology Co., Ltd.HTTPSMore threats targetingHTTPS REDISMore threats targetingREDIS POSTGRESMore threats targetingPOSTGRES HTTPMore threats targetingHTTP TELNETMore threats targetingTELNET FTPMore threats targetingFTP MONGODBMore threats targetingMONGODB MSSQLMore threats targetingMSSQL IMAPMore threats targetingIMAP { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
47.83.120.22	85%	46,235
43.99.4.47	83%	795
47.253.183.81	99%	3,257
47.238.155.10	30%	2
8.210.28.151	88%	104,342

IP Address	Confidence	Events
196.196.253.20	100%	720
85.11.183.25	85%	474
51.89.235.201	89%	37,316
64.89.163.145	100%	13,956
85.11.183.27	84%	431