Check an IP Address, Domain Name, Subnet, or ASN

103.168.67.107 was found in our database!

$ whois 103.168.67.107

country·🇺🇸 United States

city·Los Angeles

isp·DIGI VPS

asn·AS142430

network·Standard

$ sikker risk 103.168.67.107scoring →

confidence

85%Very High

first_seen·Apr 17, 2026

last_seen·2d ago

sessions·20

events·20

$ sikker protocols 103.168.67.107

HTTP

20 / 20

$ sikker summary 103.168.67.107

103.168.67.107 has a threat confidence score of 85%. This IP address from United States (AS142430, DIGI VPS) has been observed in 20 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 17, 2026, most recently active April 17, 2026.

$ sikker behaviors 103.168.67.107catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Http Method Get11x

HTTP request using GET method.

infoHttp Root Path Request11x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 103.168.67.107

http_method_get22 http_path_dotenv_local2 http_path_dotenv1 http_path_dotenv_production1 http_path_dotaws_credentials1 http_request_path_aws_config_file1

$ sikker related 103.168.67.107

🇺🇸·More threats fromUnited States→AS·More threats fromDIGI VPS→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.168.66.237	93%	220
103.168.66.141	79%	35
103.168.67.159	92%	213
103.168.66.40	50%	5

IP Address	Confidence	Events
173.255.221.189	85%	2,750
66.132.224.227	98%	447
162.216.150.232	71%	221
170.205.31.254	99%	12,304
157.254.223.76	95%	3,534