Check an IP Address, Domain Name, Subnet, or ASN

64.252.88.8 was found in our database!

$ whois 64.252.88.8

country·🇩🇪 Germany

city·Frankfurt am Main

isp·Amazon.com, Inc.

asn·AS16509

network·Standard

$ sikker risk 64.252.88.8scoring →

confidence

74%High

first_seen·Apr 5, 2026

last_seen·1h ago

sessions·4

events·4

$ sikker protocols 64.252.88.8

HTTP

4 / 4

$ sikker summary 64.252.88.8

64.252.88.8 has a threat confidence score of 74%. This IP address from Germany (AS16509, Amazon.com, Inc.) has been observed in 4 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 5, 2026, most recently active April 6, 2026.

$ sikker behaviors 64.252.88.8catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Http Method Get3x

HTTP request using GET method.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 64.252.88.8

http_method_get14 http_path_dotenv1

$ sikker related 64.252.88.8

🇩🇪·More threats fromGermany→AS·More threats fromAmazon.com, Inc.→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
3.129.187.38	100%	39,403
18.218.118.203	100%	39,930
13.231.239.44	97%	605
16.58.56.214	100%	41,874
52.66.69.41	96%	2,914

IP Address	Confidence	Events
165.227.170.171	82%	1,287
87.106.33.160	98%	1,921
176.65.132.107	100%	1,316
89.144.2.92	91%	12
194.164.192.90	98%	14,603