Check an IP Address, Domain Name, Subnet, or ASN

104.22.62.180 was found in our database!

$ whois 104.22.62.180

country·🇺🇸 United States

network·Standard

$ sikker risk 104.22.62.180scoring →

confidence

19%Low

first_seen·Apr 4, 2026

last_seen·1h ago

sessions·6

events·6

$ sikker protocols 104.22.62.180

HTTP

4 / 4

HTTPS

2 / 2

$ sikker summary 104.22.62.180

104.22.62.180 has a threat confidence score of 19%. This IP address from United States has been observed in 6 honeypot sessions targeting HTTP, HTTPS protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 4, 2026, most recently active April 18, 2026.

$ sikker behaviors 104.22.62.180catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Http Method Get2x

HTTP request using GET method.

$ sikker primitives 104.22.62.180

http_method_get4 http_path_dotenv1

$ sikker related 104.22.62.180

🇺🇸·More threats fromUnited States→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
45.79.134.237	88%	23
212.102.40.218	82%	42,391
205.210.31.27	96%	337
13.220.230.230	98%	1,585
209.222.101.54	99%	64,393