Check an IP Address, Domain Name, Subnet, or ASN

32.192.252.248 was found in our database!

$ whois 32.192.252.248

country·🇺🇸 United States

network·Standard

$ sikker risk 32.192.252.248scoring →

confidence

97%Very High

first_seen·Apr 16, 2026

last_seen·2d ago

sessions·440

events·440

$ sikker protocols 32.192.252.248

HTTP

440 / 440

$ sikker summary 32.192.252.248

32.192.252.248 has a threat confidence score of 97%. This IP address from United States has been observed in 440 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 16, 2026, most recently active April 17, 2026.

$ sikker behaviors 32.192.252.248catalog →

highHttp Dotenv File Exposure Probe4x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Http Method Get113x

HTTP request using GET method.

infoHttp Root Path Request113x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 32.192.252.248

http_method_get171 http_path_app_dotenv11 http_path_dotenv_local10 http_path_dotenv_production9 http_path_dotenv_staging7 http_path_dotenv4 http_path_dotenv_development3

$ sikker related 32.192.252.248

🇺🇸·More threats fromUnited States→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.210.81.91	93%	194
13.220.230.230	99%	6,089
209.222.101.54	99%	65,721
194.195.210.47	87%	3,071
45.33.12.122	87%	2,812