Check an IP Address, Domain Name, Subnet, or ASN

103.180.237.169 was found in our database!

$ whois 103.180.237.169

country·🇮🇳 India

isp·WEBYNE DATA CENTRE PRIVATE LIMITED

asn·AS151734

network·Standard

$ sikker risk 103.180.237.169scoring →

confidence

85%Very High

first_seen·Apr 8, 2026

last_seen·1h ago

sessions·45

events·45

$ sikker protocols 103.180.237.169

HTTP

18 / 18

HTTPS

18 / 18

ELASTICSEARCH

9 / 9

$ sikker summary 103.180.237.169

103.180.237.169 has a threat confidence score of 85%. This IP address from India (AS151734, WEBYNE DATA CENTRE PRIVATE LIMITED) has been observed in 45 honeypot sessions targeting HTTP, HTTPS, ELASTICSEARCH protocols. First observed on April 8, 2026, most recently active April 12, 2026.

$ sikker behaviors 103.180.237.169catalog →

lowElastic Service Validation And Index Enumeration9x

Client first performs a generic request to the Elasticsearch root endpoint to verify service availability, then proceeds to request /_cat/indices. This sequence reflects staged Elasticsearch reconnaissance where the actor validates that the cluster is reachable before attempting index enumeration and data exposure assessment. Compared to direct index enumeration behaviors, the interaction begins with a service-validation step, suggesting adaptive probing rather than immediate Elasticsearch-specific targeting.

infoHttp Http Method Get8x

HTTP request using GET method.

infoHttp Root Path Request8x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request8x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 103.180.237.169

elastic_http_get_request27 elastic_root_path_probe18 http_method_get9 https_path_root9 elastic_cat_indices_enumeration9

$ sikker related 103.180.237.169

🇮🇳·More threats fromIndia→AS·More threats fromWEBYNE DATA CENTRE PRIVATE LIMITED→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.99.36.182	18%	32
103.180.237.36	100%	194
103.180.213.239	58%	21
103.180.236.156	48%	2
103.180.236.112	64%	38

IP Address	Confidence	Events
203.115.96.234	34%	198
103.182.132.154	100%	1,060
168.144.22.194	23%	1
59.95.97.197	96%	1,319
103.123.53.88	100%	788