Check an IP Address, Domain Name, Subnet, or ASN

172.70.163.57 was found in our database!

$ whois 172.70.163.57

country·🇬🇧 United Kingdom

city·London

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 172.70.163.57scoring →

confidence

20%Low

first_seen·Apr 30, 2026

last_seen·59m ago

sessions·2

events·2

$ sikker protocols 172.70.163.57

HTTP

2 / 2

$ sikker summary 172.70.163.57

172.70.163.57 has a threat confidence score of 20%. This IP address from United Kingdom (AS13335, Cloudflare, Inc.) has been observed in 2 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 30, 2026, most recently active May 3, 2026.

$ sikker behaviors 172.70.163.57catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

mediumWordpress Urlencoded Auth Probe1x

Identifies HTTP sessions where WordPress authentication is attempted through URL-encoded form credential submission. This pattern is commonly associated with automated login probing, credential stuffing frameworks, or scripted reconnaissance against WordPress admin authentication workflows.

$ sikker primitives 172.70.163.57

http_method_get3 http_path_dotenv1 http_wp_login_form_urlencoded_credentials_unordered1

$ sikker related 172.70.163.57

🇬🇧·More threats fromUnited Kingdom→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.71.159.172	19%	22
172.71.182.200	19%	15
104.23.187.24	22%	22
172.70.86.139	19%	8
172.71.160.18	17%	8

IP Address	Confidence	Events
185.53.211.215	94%	1,344
88.80.189.24	43%	550
51.89.235.201	88%	92,762
31.58.214.23	100%	4,828
195.140.214.18	88%	773