Check an IP Address, Domain Name, Subnet, or ASN

8.216.3.212 was found in our database!

$ whois 8.216.3.212

country·🇯🇵 Japan

city·Tokyo

isp·Alibaba US Technology Co., Ltd.

asn·AS45102

network·Standard

$ sikker risk 8.216.3.212scoring →

confidence

69%High

first_seen·Apr 5, 2026

last_seen·1d ago

sessions·17

events·17

$ sikker protocols 8.216.3.212

REDIS

7 / 7

HTTP

4 / 4

MSSQL

3 / 3

SMTP

1 / 1

MYSQL

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 8.216.3.212

8.216.3.212 has a threat confidence score of 69%. This IP address from Japan (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 17 honeypot sessions targeting REDIS, HTTP, MSSQL, SMTP, MYSQL and 1 other protocols. First observed on April 5, 2026, most recently active April 29, 2026.

$ sikker behaviors 8.216.3.212catalog →

mediumMysql User Schema Table Footprint Reconnaissance1x

Attacker enumerates non-system MySQL database schemas and associated table statistics (row counts, storage size, average row size) via metadata queries against the TABLES catalog. This activity indicates targeted discovery of accessible application datasets and data volume profiling to prioritize exfiltration, credential harvesting, or destructive actions against high-value databases.

infoHttp Http Method Get2x

HTTP request using GET method.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoRedis Info Command Invocation1x

Identifies execution of the Redis INFO command (case-insensitive), which retrieves server configuration, version, memory usage, and runtime statistics. This behavior reflects service interrogation and environment fingerprinting activity. While INFO can be used legitimately by administrators, it is also commonly observed during automated scanning and pre-exploitation reconnaissance of exposed Redis instances.

$ sikker primitives 8.216.3.212

redis_info_lowercase4 elastic_http_get_request4 http_method_get2 elastic_root_path_probe2 elastic_cat_indices_enumeration1 elastic_http_bad_request_path_probe1 redis_command_http_host_header_port_63791 mysql_select_tables_metadata_excluding_system_schemas1

$ sikker related 8.216.3.212

🇯🇵·More threats fromJapan→AS·More threats fromAlibaba US Technology Co., Ltd.→REDI·More threats targetingREDIS→HTTP·More threats targetingHTTP→MSSQ·More threats targetingMSSQL→SMTP·More threats targetingSMTP→MYSQ·More threats targetingMYSQL→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
47.239.119.74	78%	3,725
47.76.130.255	83%	61,419
47.243.64.124	95%	1,273
47.245.28.97	96%	1,791
8.216.3.150	12%	4

IP Address	Confidence	Events
47.245.28.97	96%	1,791
118.193.61.170	100%	1,206
210.149.87.82	92%	39
8.216.3.150	12%	4
49.212.205.206	95%	456