Check an IP Address, Domain Name, Subnet, or ASN

103.168.66.237 was found in our database!

$ whois 103.168.66.237

country·🇺🇸 United States

city·Los Angeles

isp·DIGI VPS

asn·AS142430

network·Standard

$ sikker risk 103.168.66.237scoring →

confidence

92%Very High

first_seen·Apr 12, 2026

last_seen·1h ago

sessions·138

events·138

$ sikker protocols 103.168.66.237

HTTPS

77 / 77

HTTP

61 / 61

$ sikker summary 103.168.66.237

103.168.66.237 has a threat confidence score of 92%. This IP address from United States (AS142430, DIGI VPS) has been observed in 138 honeypot sessions targeting HTTPS, HTTP protocols. Detected attack patterns include http git repository config exposure probe. First observed on April 12, 2026, most recently active April 17, 2026.

$ sikker behaviors 103.168.66.237catalog →

highHttp Git Repository Config Exposure Probe1x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

infoHttp Bad Request Route Probe13x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

infoHttps Root Path Request10x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Http Method Get4x

HTTP request using GET method.

infoHttp Root Path Request4x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 103.168.66.237

http_method_get83 https_path_root18 http_path_bad_request13 https_path_dotenv_production3 https_path_dotenv_local2 https_path_dotaws_credentials2 http_path_dotenv1 https_path_dotenv1 http_path_app_dotenv1 http_path_config_json1 https_path_app_dotenv1 http_path_dotenv_local1 https_path_config_json1 http_path_dotgit_config1 http_path_dotenv_staging1 https_path_dotgit_config1 https_path_dotenv_staging1 http_path_dotenv_production1 http_path_dotaws_credentials1 http_path_dotenv_development1

$ sikker related 103.168.66.237

🇺🇸·More threats fromUnited States→AS·More threats fromDIGI VPS→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.168.67.159	92%	213
103.168.66.40	50%	5

IP Address	Confidence	Events
137.184.98.37	57%	6
157.254.223.77	95%	3,054
165.232.74.249	60%	26
66.240.205.34	84%	2,540
198.235.24.132	96%	342