Check an IP Address, Domain Name, Subnet, or ASN

172.71.103.211 was found in our database!

$ whois 172.71.103.211

country·🇳🇱 The Netherlands

city·Amsterdam

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 172.71.103.211scoring →

confidence

18%Low

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·10

events·10

$ sikker protocols 172.71.103.211

HTTP

9 / 9

HTTPS

1 / 1

$ sikker summary 172.71.103.211

172.71.103.211 has a threat confidence score of 18%. This IP address from The Netherlands (AS13335, Cloudflare, Inc.) has been observed in 10 honeypot sessions targeting HTTP, HTTPS protocols. Detected attack patterns include http dotenv file exposure probe. First observed on February 27, 2026, most recently active March 28, 2026.

$ sikker behaviors 172.71.103.211catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Root Path Request7x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 172.71.103.211

http_method_get100 http_path_dotenv1

$ sikker related 172.71.103.211

🇳🇱·More threats fromThe Netherlands→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.68.164.12	15%	29
162.158.88.74	6%	12
172.69.176.25	15%	16
104.22.66.32	17%	23
172.69.166.40	20%	24

IP Address	Confidence	Events
45.148.10.240	100%	513,505
45.148.10.192	100%	23,439
176.65.148.214	93%	892
51.158.205.203	90%	15,750
130.12.180.51	100%	23,389