Check an IP Address, Domain Name, Subnet, or ASN

44.202.13.116 was found in our database!

$ whois 44.202.13.116

country·🇺🇸 United States

city·Ashburn

isp·Amazon.com, Inc.

asn·AS14618

network·Standard

$ sikker risk 44.202.13.116scoring →

confidence

88%Very High

first_seen·Mar 12, 2026

last_seen·2h ago

first_reported·Mar 21, 2026

last_reported·Mar 21, 2026

sessions·66

events·66

reports·1

$ sikker protocols 44.202.13.116

HTTPS

36 / 36

HTTP

11 / 11

ELASTICSEARCH

8 / 8

FTP

5 / 5

RDP

3 / 3

SSH

3 / 3

DOCKER

0 / 0 / 1r

$ sikker summary 44.202.13.116

44.202.13.116 has a threat confidence score of 88%. This IP address from United States (AS14618, Amazon.com, Inc.) has been observed in 66 honeypot sessions and reported 1 times targeting HTTPS, HTTP, ELASTICSEARCH, FTP, RDP and 2 other protocols. First observed on March 12, 2026, most recently active April 20, 2026.

$ sikker behaviors 44.202.13.116catalog →

infoHttps Path Robots Txt12x

HTTPS request to /robots.txt.

infoHttp Root Path Request10x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request8x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Http Method Get6x

HTTP request using GET method.

infoFtp Tls Upgrade5x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

$ sikker primitives 44.202.13.116

https_path_robots_txt12 http_method_get10 https_path_root8 elastic_http_get_request8 elastic_http_bad_request_path_probe8 ftp_auth_tls5 https_favicon_ico_request1

$ sikker reports 44.202.13.116submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 21, 2026, 18:39	Brute Force	DOCKER	SikkerGuard: 6 blocked packets

$ sikker related 44.202.13.116

🇺🇸·More threats fromUnited States→AS·More threats fromAmazon.com, Inc.→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→ELAS·More threats targetingELASTICSEARCH→FTP·More threats targetingFTP→RDP·More threats targetingRDP→SSH·More threats targetingSSH→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
18.215.234.114	93%	321
54.210.74.150	52%	4
44.220.188.65	31%	29
3.213.226.45	61%	2,135
44.220.185.227	54%	24

IP Address	Confidence	Events
168.235.91.128	80%	1,105
144.172.95.158	100%	7,056
154.16.112.232	100%	355,088
198.235.24.239	99%	437
18.218.118.203	100%	47,973