Check an IP Address, Domain Name, Subnet, or ASN

104.23.166.25 was found in our database!

$ whois 104.23.166.25

country·🇳🇱 The Netherlands

city·Amsterdam

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 104.23.166.25scoring →

confidence

13%Low

first_seen·Mar 9, 2026

last_seen·1h ago

sessions·2

events·2

$ sikker protocols 104.23.166.25

HTTP

1 / 1

HTTPS

1 / 1

$ sikker summary 104.23.166.25

104.23.166.25 has a threat confidence score of 13%. This IP address from The Netherlands (AS13335, Cloudflare, Inc.) has been observed in 2 honeypot sessions targeting HTTP, HTTPS protocols. First observed on March 9, 2026, most recently active March 21, 2026.

$ sikker behaviors 104.23.166.25catalog →

mediumHttps Dotgit Repository Configuration Exposure Probe1x

Identifies an HTTPS request targeting the .git/config file within a web-accessible repository directory. Access attempts to /.git/config indicate automated repository exposure scanning intended to retrieve remote origin URLs, repository structure, and potentially credential-bearing configuration data. This is a common reconnaissance technique used to identify misconfigured web servers exposing version control metadata.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 104.23.166.25

http_method_get1 https_path_dotgit_config1

$ sikker related 104.23.166.25

🇳🇱·More threats fromThe Netherlands→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.71.198.84	13%	7
104.22.20.108	19%	811
172.71.198.85	8%	7
172.69.179.198	7%	8
172.69.134.72	19%	814

IP Address	Confidence	Events
45.148.10.240	100%	499,869
185.130.225.180	97%	2,734
94.23.150.225	100%	220,135
94.154.35.215	93%	34,827
89.34.230.128	96%	937