Check an IP Address, Domain Name, Subnet, or ASN

64.227.70.132 was found in our database!

$ whois 64.227.70.132

country·🇳🇱 The Netherlands

city·Amsterdam

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 64.227.70.132scoring →

confidence

75%High

first_seen·Apr 26, 2026

last_seen·1h ago

sessions·9

events·9

$ sikker protocols 64.227.70.132

HTTP

3 / 3

SMTP

2 / 2

SSH

1 / 1

MSSQL

1 / 1

MONGODB

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 64.227.70.132

64.227.70.132 has a threat confidence score of 75%. This IP address from The Netherlands (AS14061, DigitalOcean, LLC) has been observed in 9 honeypot sessions targeting HTTP, SMTP, SSH, MSSQL, MONGODB and 1 other protocols. First observed on April 26, 2026, most recently active April 26, 2026.

$ sikker behaviors 64.227.70.132catalog →

infoHttp Http Method Get2x

HTTP request using GET method.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Fetch Robots Txt1x

HTTP GET request to /robots.txt.

infoSmtp Tls Capability Probe1x

Automated SMTP interaction performing a minimal capability check by issuing EHLO followed by a STARTTLS upgrade request and immediately terminating the session. This pattern is commonly associated with internet-wide scanners, security research crawlers, or opportunistic bots verifying whether an SMTP service supports encrypted communication. The absence of authentication attempts or message submission indicates reconnaissance or service fingerprinting rather than active abuse.

$ sikker primitives 64.227.70.132

http_method_get3 elastic_http_get_request3 smtp_ehlo_greeting1 elastic_root_path_probe1 http_robots_txt_path_probe1 smtp_starttls_upgrade_request1 elastic_http_favicon_path_probe1

$ sikker related 64.227.70.132

🇳🇱·More threats fromThe Netherlands→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTP→SMTP·More threats targetingSMTP→SSH·More threats targetingSSH→MSSQ·More threats targetingMSSQL→MONG·More threats targetingMONGODB→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
167.71.171.234	85%	278
64.225.103.205	90%	127
142.93.145.126	95%	2,342
128.199.118.234	56%	540
168.144.33.116	51%	22

IP Address	Confidence	Events
94.154.35.215	92%	43,586
45.148.10.121	97%	260,093
130.12.180.51	100%	27,744
93.174.93.12	97%	13,962
4.245.40.125	72%	4