Check an IP Address, Domain Name, Subnet, or ASN

88.151.33.224 was found in our database!

$ whois 88.151.33.224

country·🇳🇱 The Netherlands

city·Dronten

isp·NextGenWebs, S.L.

asn·AS41608

network·Standard

$ sikker risk 88.151.33.224scoring →

confidence

73%High

first_seen·Apr 21, 2026

last_seen·1h ago

sessions·14

events·14

$ sikker protocols 88.151.33.224

HTTP

12 / 12

HTTPS

2 / 2

$ sikker summary 88.151.33.224

88.151.33.224 has a threat confidence score of 73%. This IP address from The Netherlands (AS41608, NextGenWebs, S.L.) has been observed in 14 honeypot sessions targeting HTTP, HTTPS protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 21, 2026, most recently active May 1, 2026.

$ sikker behaviors 88.151.33.224catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Http Method Get5x

HTTP request using GET method.

infoHttp Root Path Request5x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 88.151.33.224

http_method_get22 http_path_dotenv1 http_path_app_dotenv1 http_path_dotenv_local1 http_path_dotenv_production1 http_path_dotenv_development1

$ sikker related 88.151.33.224

🇳🇱·More threats fromThe Netherlands→AS·More threats fromNextGenWebs, S.L.→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
195.170.172.108	97%	134
185.213.174.45	43%	12
195.170.172.216	50%	722
88.151.33.33	62%	11
185.213.175.176	85%	833

IP Address	Confidence	Events
149.210.203.167	97%	24
204.76.203.206	92%	37,092
185.189.182.234	93%	2,826
176.65.149.253	98%	2,165
178.62.195.162	75%	5