Check an IP Address, Domain Name, Subnet, or ASN

103.168.66.141 was found in our database!

$ whois 103.168.66.141

country·🇺🇸 United States

city·Los Angeles

isp·DIGI VPS

asn·AS142430

network·Standard

$ sikker risk 103.168.66.141scoring →

confidence

79%High

first_seen·Apr 17, 2026

last_seen·1d ago

sessions·35

events·35

$ sikker protocols 103.168.66.141

HTTPS

35 / 35

$ sikker summary 103.168.66.141

103.168.66.141 has a threat confidence score of 79%. This IP address from United States (AS142430, DIGI VPS) has been observed in 35 honeypot sessions targeting HTTPS protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on April 17, 2026, most recently active April 18, 2026.

$ sikker behaviors 103.168.66.141catalog →

highHttps Dotenv Environment File Exposure Probe1x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

$ sikker primitives 103.168.66.141

https_path_root4 https_path_dotenv2 https_path_dotenv_production2 https_path_dotenv_local1

$ sikker related 103.168.66.141

🇺🇸·More threats fromUnited States→AS·More threats fromDIGI VPS→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.168.66.237	93%	220
103.168.67.107	85%	20
103.168.67.159	92%	213
103.168.66.40	50%	5

IP Address	Confidence	Events
173.255.221.189	85%	2,750
66.132.224.227	98%	447
162.216.150.232	71%	221
170.205.31.254	99%	12,304
157.254.223.76	95%	3,534