Check an IP Address, Domain Name, Subnet, or ASN

172.64.217.4 was found in our database!

$ whois 172.64.217.4

country·🇺🇸 United States

city·Los Angeles

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 172.64.217.4scoring →

confidence

18%Low

first_seen·Mar 10, 2026

last_seen·1h ago

sessions·6

events·6

$ sikker protocols 172.64.217.4

HTTP

6 / 6

$ sikker summary 172.64.217.4

172.64.217.4 has a threat confidence score of 18%. This IP address from United States (AS13335, Cloudflare, Inc.) has been observed in 6 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on March 10, 2026, most recently active March 20, 2026.

$ sikker behaviors 172.64.217.4catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 172.64.217.4

http_method_get16 http_path_dotenv1

$ sikker related 172.64.217.4

🇺🇸·More threats fromUnited States→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
104.23.253.81	8%	1
172.69.39.139	9%	11
172.71.238.248	9%	12
172.69.114.145	6%	8
172.69.91.95	12%	15

IP Address	Confidence	Events
92.118.39.87	100%	249,974
164.90.155.248	100%	8,176
206.168.34.193	50%	1,690
92.118.39.63	100%	46,683
137.184.65.234	100%	7,711