Check an IP Address, Domain Name, Subnet, or ASN

162.158.39.230 was found in our database!

$ whois 162.158.39.230

country·🇦🇺 Australia

city·Sydney

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 162.158.39.230scoring →

confidence

17%Low

first_seen·Mar 11, 2026

last_seen·1h ago

sessions·4

events·4

$ sikker protocols 162.158.39.230

HTTPS

3 / 3

HTTP

1 / 1

$ sikker summary 162.158.39.230

162.158.39.230 has a threat confidence score of 17%. This IP address from Australia (AS13335, Cloudflare, Inc.) has been observed in 4 honeypot sessions targeting HTTPS, HTTP protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on March 11, 2026, most recently active March 25, 2026.

$ sikker behaviors 162.158.39.230catalog →

highHttps Dotenv Environment File Exposure Probe1x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 162.158.39.230

http_method_get2 https_path_root1 https_path_dotenv1

$ sikker related 162.158.39.230

🇦🇺·More threats fromAustralia→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
162.158.3.151	11%	2
104.23.203.169	15%	366
162.158.217.77	12%	1
172.69.151.218	8%	1
162.158.3.152	6%	4

IP Address	Confidence	Events
110.174.41.242	93%	209
162.158.3.151	11%	2
134.199.175.160	47%	4
162.158.3.152	6%	4
101.0.104.38	99%	7,363