Check an IP Address, Domain Name, Subnet, or ASN

38.92.47.195 was found in our database!

$ whois 38.92.47.195

country·🇺🇸 United States

city·Dallas

isp·Tier.Net Technologies LLC

asn·AS397423

network·Standard

$ sikker risk 38.92.47.195scoring →

confidence

89%Very High

first_seen·Mar 27, 2026

last_seen·Mar 27, 2026

sessions·14

events·14

$ sikker protocols 38.92.47.195

HTTP

11 / 11

FTP

1 / 1

SSH

1 / 1

MYSQL

1 / 1

$ sikker summary 38.92.47.195

38.92.47.195 has a threat confidence score of 89%. This IP address from United States (AS397423, Tier.Net Technologies LLC) has been observed in 14 honeypot sessions targeting HTTP, FTP, SSH, MYSQL protocols. Detected attack patterns include http dotenv file exposure probe, http git repository config exposure probe. First observed on March 27, 2026, most recently active March 27, 2026.

$ sikker behaviors 38.92.47.195catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

highHttp Git Repository Config Exposure Probe1x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

infoHttp Root Path Request6x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 38.92.47.195

http_method_get10 ftp_user_probe1 ftp_session_quit1 http_path_dotenv1 ftp_password_attempt1 http_path_dotgit_config1 sql_enumerate_tables_capital1 http_phpunit_eval_stdin_php_path_access1 mysql_set_names_utf8mb4_collate_general_ci1

$ sikker related 38.92.47.195

🇺🇸·More threats fromUnited States→AS·More threats fromTier.Net Technologies LLC→HTTP·More threats targetingHTTP→FTP·More threats targetingFTP→SSH·More threats targetingSSH→MYSQ·More threats targetingMYSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
147.124.203.35	80%	9
147.124.204.27	12%	4
192.154.253.174	45%	22
185.241.149.175	42%	5
154.16.171.227	97%	16

IP Address	Confidence	Events
91.193.232.67	80%	406
18.218.118.203	100%	52,738
147.135.15.2	99%	13,346
64.64.116.158	80%	383
74.249.178.45	88%	205