Check an IP Address, Domain Name, Subnet, or ASN

64.89.163.24 was found in our database!

$ whois 64.89.163.24

country·🇬🇧 United Kingdom

isp·Netiface America, Inc.

asn·AS401626

network·Standard

$ sikker risk 64.89.163.24scoring →

confidence

76%High

first_seen·Feb 5, 2026

last_seen·11m ago

sessions·36

events·82

$ sikker protocols 64.89.163.24

HTTP

28 / 74

TELNET

8 / 8

$ sikker summary 64.89.163.24

64.89.163.24 has a threat confidence score of 76%. This IP address from United Kingdom (AS401626, Netiface America, Inc.) has been observed in 36 honeypot sessions targeting HTTP, TELNET protocols. Detected attack patterns include http dotenv file exposure probe. First observed on February 5, 2026, most recently active March 22, 2026.

$ sikker behaviors 64.89.163.24catalog →

highHttp Dotenv File Exposure Probe3x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 64.89.163.24

http_method_get7 telnet_command_cd5 telnet_command_wget_http_download5 http_path_dotenv3

$ sikker related 64.89.163.24

🇬🇧·More threats fromUnited Kingdom→AS·More threats fromNetiface America, Inc.→HTTP·More threats targetingHTTP→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
64.89.163.154	100%	11,956
64.89.163.244	100%	859
64.89.163.243	100%	5,721
64.89.163.167	100%	16,394
64.89.163.137	94%	4,069

IP Address	Confidence	Events
185.91.69.5	93%	4,574
94.72.102.118	95%	836
194.213.3.5	96%	3,078
185.247.137.178	84%	447
64.89.163.134	93%	3,467