Check an IP Address, Domain Name, Subnet, or ASN

23.177.184.46 was found in our database!

$ whois 23.177.184.46

country·🇺🇸 United States

city·Fremont

isp·ZhouyiSat Communications

asn·AS400992

network·Standard

$ sikker risk 23.177.184.46scoring →

confidence

100%Very High

first_seen·Mar 13, 2026

last_seen·12d ago

sessions·400

events·400

$ sikker protocols 23.177.184.46

HTTP

260 / 260

HTTPS

72 / 72

SSH

68 / 68

$ sikker summary 23.177.184.46

23.177.184.46 has a threat confidence score of 100%. This IP address from United States (AS400992, ZhouyiSat Communications) has been observed in 400 honeypot sessions targeting HTTP, HTTPS, SSH protocols. Detected attack patterns include http dotenv file exposure probe, https dotenv environment file exposure probe. First observed on March 13, 2026, most recently active March 17, 2026.

$ sikker behaviors 23.177.184.46catalog →

highHttp Dotenv File Exposure Probe115x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

highHttps Dotenv Environment File Exposure Probe6x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

infoHttps Root Path Request59x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 23.177.184.46

http_method_get189 http_path_dotenv126 ssh_echo_semicolon_uname_a_sequence68 https_path_root64 http_phpunit_eval_stdin_php_path_access63 https_path_dotenv6

$ sikker related 23.177.184.46

🇺🇸·More threats fromUnited States→AS·More threats fromZhouyiSat Communications→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
185.236.25.178	83%	13
23.172.217.58	62%	14
185.236.25.175	60%	57
185.245.35.68	35%	3
185.250.180.3	82%	6

IP Address	Confidence	Events
66.210.241.74	77%	424
20.171.32.10	50%	35
162.254.3.130	86%	26,188
47.254.16.93	88%	21
20.14.88.150	76%	154