Check an IP Address, Domain Name, Subnet, or ASN

185.217.126.16 was found in our database!

$ whois 185.217.126.16

country·🇫🇷 France

city·Lauterbourg

isp·Contabo GmbH

asn·AS51167

network·Standard

$ sikker risk 185.217.126.16scoring →

confidence

73%High

first_seen·Apr 2, 2026

last_seen·1h ago

sessions·3

events·3

$ sikker protocols 185.217.126.16

HTTPS

3 / 3

$ sikker summary 185.217.126.16

185.217.126.16 has a threat confidence score of 73%. This IP address from France (AS51167, Contabo GmbH) has been observed in 3 honeypot sessions targeting HTTPS protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on April 2, 2026, most recently active April 2, 2026.

$ sikker behaviors 185.217.126.16catalog →

highHttps Dotenv Environment File Exposure Probe3x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

$ sikker primitives 185.217.126.16

https_path_dotenv3

$ sikker related 185.217.126.16

🇫🇷·More threats fromFrance→AS·More threats fromContabo GmbH→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
94.72.110.157	95%	560
144.91.88.152	82%	6
194.163.159.77	95%	1,201
194.180.176.29	95%	681
212.47.73.255	79%	144

IP Address	Confidence	Events
5.135.106.93	100%	78,493
137.74.16.122	97%	351
51.91.168.102	99%	693,173
54.38.41.116	86%	38,218
54.38.94.109	98%	54,075