Check an IP Address, Domain Name, Subnet, or ASN

162.158.87.93 was found in our database!

$ whois 162.158.87.93

country·🇩🇪 Germany

city·Frankfurt am Main

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 162.158.87.93scoring →

confidence

19%Low

first_seen·Mar 15, 2026

last_seen·1h ago

sessions·3

events·3

$ sikker protocols 162.158.87.93

HTTP

3 / 3

$ sikker summary 162.158.87.93

162.158.87.93 has a threat confidence score of 19%. This IP address from Germany (AS13335, Cloudflare, Inc.) has been observed in 3 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on March 15, 2026, most recently active April 8, 2026.

$ sikker behaviors 162.158.87.93catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

mediumWordpress Urlencoded Auth Probe1x

Identifies HTTP sessions where WordPress authentication is attempted through URL-encoded form credential submission. This pattern is commonly associated with automated login probing, credential stuffing frameworks, or scripted reconnaissance against WordPress admin authentication workflows.

$ sikker primitives 162.158.87.93

http_method_get1 http_path_dotenv1 http_path_xmlrpc_php1 http_wp_login_form_urlencoded_credentials_unordered1

$ sikker related 162.158.87.93

🇩🇪·More threats fromGermany→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
162.158.186.117	9%	9
162.158.90.234	10%	6
104.23.229.62	18%	13
172.71.102.217	10%	15
104.23.168.16	20%	37

IP Address	Confidence	Events
146.0.42.48	86%	65,864
194.164.192.90	98%	17,608
89.163.204.62	87%	82,789
158.173.156.174	76%	1,694
193.142.146.230	100%	38,348