Check an IP Address, Domain Name, Subnet, or ASN

8.213.218.53 was found in our database!

$ whois 8.213.218.53

country·🇹🇭 Thailand

city·Bangkok

isp·Alibaba US Technology Co., Ltd.

asn·AS45102

network·Standard

$ sikker risk 8.213.218.53scoring →

confidence

90%Very High

first_seen·Mar 12, 2026

last_seen·1m ago

sessions·18

events·18

$ sikker protocols 8.213.218.53

HTTP

8 / 8

FTP

4 / 4

SMTP

4 / 4

RDP

2 / 2

$ sikker summary 8.213.218.53

8.213.218.53 has a threat confidence score of 90%. This IP address from Thailand (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 18 honeypot sessions targeting HTTP, FTP, SMTP, RDP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on March 12, 2026, most recently active April 21, 2026.

$ sikker behaviors 8.213.218.53catalog →

highHttp Dotenv File Exposure Probe4x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

mediumRdp Nla Ntlm Authentication Attempt2x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Http Method Get3x

HTTP request using GET method.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 8.213.218.53

smtp_ehlo_greeting8 http_method_get7 ftp_user_probe4 http_path_dotenv4 ftp_password_attempt4 smtp_starttls_upgrade_request4 ftp_session_quit3 rdp_nla_ntlm_auth2 smtp_quit_session_termination1

$ sikker related 8.213.218.53

🇹🇭·More threats fromThailand→AS·More threats fromAlibaba US Technology Co., Ltd.→HTTP·More threats targetingHTTP→FTP·More threats targetingFTP→SMTP·More threats targetingSMTP→RDP·More threats targetingRDP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
8.213.226.36	86%	14,624
8.209.241.244	76%	196
47.239.118.193	65%	7
43.108.9.79	88%	106
47.82.102.46	87%	11,415

IP Address	Confidence	Events
101.51.103.169	89%	8,187
152.32.247.233	96%	5,241
203.154.222.73	83%	1,348
118.193.56.172	93%	650
47.87.70.243	97%	258