Check an IP Address, Domain Name, Subnet, or ASN

64.252.72.244 was found in our database!

$ whois 64.252.72.244

country·🇺🇸 United States

city·Boardman

isp·Amazon.com, Inc.

asn·AS16509

network·Standard

$ sikker risk 64.252.72.244scoring →

confidence

82%Very High

first_seen·Apr 18, 2026

last_seen·54m ago

sessions·28

events·28

$ sikker protocols 64.252.72.244

HTTP

28 / 28

$ sikker summary 64.252.72.244

64.252.72.244 has a threat confidence score of 82%. This IP address from United States (AS16509, Amazon.com, Inc.) has been observed in 28 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 18, 2026, most recently active May 1, 2026.

$ sikker behaviors 64.252.72.244catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Http Method Get18x

HTTP request using GET method.

infoHttp Root Path Request18x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Fetch Robots Txt9x

HTTP GET request to /robots.txt.

$ sikker primitives 64.252.72.244

http_method_get48 http_robots_txt_path_probe9 http_path_dotenv1

$ sikker related 64.252.72.244

🇺🇸·More threats fromUnited States→AS·More threats fromAmazon.com, Inc.→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
52.193.244.90	97%	7,382
3.132.26.232	100%	23,976
15.158.253.102	63%	22
18.116.101.220	100%	56,133
3.130.168.2	100%	47,433

IP Address	Confidence	Events
154.127.53.103	96%	4,190
18.116.101.220	100%	56,139
35.222.218.211	92%	11
161.35.135.119	99%	217
34.139.59.183	91%	14