Check an IP Address, Domain Name, Subnet, or ASN

172.71.183.202 was found in our database!

$ whois 172.71.183.202

country·🇳🇱 The Netherlands

city·Amsterdam

isp·Cloudflare, Inc.

asn·AS13335

network·Standard

$ sikker risk 172.71.183.202scoring →

confidence

25%Low

first_seen·Feb 6, 2026

last_seen·1h ago

sessions·45

events·46

$ sikker protocols 172.71.183.202

HTTP

27 / 27

HTTPS

18 / 19

$ sikker summary 172.71.183.202

172.71.183.202 has a threat confidence score of 25%. This IP address from The Netherlands (AS13335, Cloudflare, Inc.) has been observed in 45 honeypot sessions targeting HTTP, HTTPS protocols. Detected attack patterns include http dotenv file exposure probe. First observed on February 6, 2026, most recently active March 21, 2026.

$ sikker behaviors 172.71.183.202catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

mediumWordpress Default Credential Bruteforce4x

Automated authentication attempt against a WordPress login endpoint using the common default username admin and weak password pattern. Indicative of credential stuffing or default password brute-force activity targeting internet-exposed WordPress installations.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 172.71.183.202

http_method_get15 https_path_root9 http_wp_login_form_urlencoded_credentials4 http_wp_login_admin_default_password_attempt4 http_wp_login_form_urlencoded_credentials_unordered4 https_git_head_file_access3 http_path_dotenv1 https_path_dotenv1 https_path_config_json1 https_path_dotgit_config1 https_path_dotaws_credentials1

$ sikker related 172.71.183.202

🇳🇱·More threats fromThe Netherlands→AS·More threats fromCloudflare, Inc.→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.68.10.180	13%	50
172.71.184.183	10%	46
172.71.126.200	7%	3
104.22.20.120	10%	18
172.69.134.73	19%	725

IP Address	Confidence	Events
178.16.53.51	52%	12
45.148.10.240	100%	501,587
194.50.16.198	100%	5,101
94.23.150.225	100%	221,353
130.12.180.51	100%	22,097