Check an IP Address, Domain Name, Subnet, or ASN

8.219.222.66 was found in our database!

$ whois 8.219.222.66

country·🇸🇬 Singapore

isp·Alibaba US Technology Co., Ltd.

asn·AS45102

network·Standard

$ sikker risk 8.219.222.66scoring →

confidence

85%Very High

first_seen·Jan 21, 2026

last_seen·8h ago

first_reported·Mar 13, 2026

last_reported·2d ago

sessions·439

events·573

reports·2

$ sikker protocols 8.219.222.66

REDIS

70 / 135

MSSQL

124 / 124

MONGODB

76 / 108 / 1r

RDP

84 / 84

SSH

52 / 72

MYSQL

33 / 50 / 1r

$ sikker summary 8.219.222.66

8.219.222.66 has a threat confidence score of 85%. This IP address from Singapore (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 439 honeypot sessions and reported 2 times targeting REDIS, MSSQL, MONGODB, RDP, SSH and 1 other protocols. First observed on January 21, 2026, most recently active March 20, 2026.

$ sikker behaviors 8.219.222.66catalog →

mediumMysql User Schema Table Footprint Reconnaissance1x

Attacker enumerates non-system MySQL database schemas and associated table statistics (row counts, storage size, average row size) via metadata queries against the TABLES catalog. This activity indicates targeted discovery of accessible application datasets and data volume profiling to prioritize exfiltration, credential harvesting, or destructive actions against high-value databases.

infoRedis Info Command Invocation4x

Identifies execution of the Redis INFO command (case-insensitive), which retrieves server configuration, version, memory usage, and runtime statistics. This behavior reflects service interrogation and environment fingerprinting activity. While INFO can be used legitimately by administrators, it is also commonly observed during automated scanning and pre-exploitation reconnaissance of exposed Redis instances.

$ sikker primitives 8.219.222.66

redis_info_lowercase14 redis_command_http_host_header_port_63793 mysql_select_tables_metadata_excluding_system_schemas1

$ sikker reports 8.219.222.66submit →

Showing 2 of 2 reports from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 18, 2026, 04:10	Brute Force	MONGODB	SikkerGuard: 2 blocked packets
User	Mar 13, 2026, 21:22	Brute Force	MYSQL	SikkerGuard: 2 blocked packets

$ sikker related 8.219.222.66

🇸🇬·More threats fromSingapore→AS·More threats fromAlibaba US Technology Co., Ltd.→REDI·More threats targetingREDIS→MSSQ·More threats targetingMSSQL→MONG·More threats targetingMONGODB→RDP·More threats targetingRDP→SSH·More threats targetingSSH→MYSQ·More threats targetingMYSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
47.237.191.34	87%	26,461
8.218.174.114	89%	84
47.254.234.203	97%	230
8.210.28.151	88%	134,852
8.210.112.20	81%	25,762

IP Address	Confidence	Events
172.237.74.237	95%	807
149.28.141.178	97%	1,349
43.134.1.142	95%	678
43.134.87.38	95%	669
207.148.117.219	96%	1,458