Check an IP Address, Domain Name, Subnet, or ASN

172.245.21.199 was found in our database!

$ whois 172.245.21.199

country·🇺🇸 United States

city·Los Angeles

isp·HostPapa

asn·AS36352

network·Standard

$ sikker risk 172.245.21.199scoring →

confidence

54%Medium

first_seen·Mar 27, 2026

last_seen·2h ago

sessions·1

events·1

$ sikker protocols 172.245.21.199

HTTPS

1 / 1

$ sikker summary 172.245.21.199

172.245.21.199 has a threat confidence score of 54%. This IP address from United States (AS36352, HostPapa) has been observed in 1 honeypot sessions targeting HTTPS protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on March 27, 2026, most recently active March 27, 2026.

$ sikker behaviors 172.245.21.199catalog →

highHttps Dotenv Environment File Exposure Probe1x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

$ sikker primitives 172.245.21.199

https_path_dotenv1

$ sikker related 172.245.21.199

🇺🇸·More threats fromUnited States→AS·More threats fromHostPapa→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
157.254.225.75	92%	29
192.210.186.10	100%	1,512
198.46.216.242	32%	17
104.168.56.24	88%	13
198.12.115.30	97%	3,902

IP Address	Confidence	Events
3.132.26.232	100%	13,183
205.251.116.71	95%	1,474
157.254.225.75	92%	29
45.205.1.8	97%	11,106
45.61.184.223	99%	20,292