Check an IP Address, Domain Name, Subnet, or ASN

172.71.148.33 was found in our database!

$ whois 172.71.148.33

country·🇩🇪 Germany

city·Frankfurt am Main

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 172.71.148.33scoring →

confidence

22%Low

first_seen·Jan 24, 2026

last_seen·2h ago

sessions·42

events·64

$ sikker protocols 172.71.148.33

HTTP

22 / 36

HTTPS

20 / 28

$ sikker summary 172.71.148.33

172.71.148.33 has a threat confidence score of 22%. This IP address from Germany (AS13335, Cloudflare, Inc.) has been observed in 42 honeypot sessions targeting HTTP, HTTPS protocols. First observed on January 24, 2026, most recently active April 10, 2026.

$ sikker behaviors 172.71.148.33catalog →

mediumWordpress Default Credential Bruteforce4x

Automated authentication attempt against a WordPress login endpoint using the common default username admin and weak password pattern. Indicative of credential stuffing or default password brute-force activity targeting internet-exposed WordPress installations.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Http Method Get1x

HTTP request using GET method.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 172.71.148.33

http_wp_login_form_urlencoded_credentials4 http_wp_login_admin_default_password_attempt4 http_wp_login_form_urlencoded_credentials_unordered4 https_path_dotgit_config3 http_method_get2 https_path_app_dotenv2 https_path_dotenv_development2 https_path_root1 https_path_dotenv_local1 https_path_dotenv_production1 https_phpunit_eval_stdin_rce_probe1 https_path_wp_admin_setup_config_php1

$ sikker related 172.71.148.33

🇩🇪·More threats fromGermany→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.71.172.218	20%	8
162.158.216.4	8%	4
104.23.168.77	9%	7
172.71.158.147	17%	10
104.23.168.23	11%	3

IP Address	Confidence	Events
158.173.156.174	81%	4,895
193.142.146.230	100%	38,597
158.173.154.36	84%	11,373
5.1.77.72	82%	1,627
194.164.192.90	98%	20,326