Check an IP Address, Domain Name, Subnet, or ASN

103.215.75.70 was found in our database!

$ whois 103.215.75.70

country·🇮🇳 India

isp·SoloRDP

asn·AS150303

network·Standard

$ sikker risk 103.215.75.70scoring →

confidence

79%High

first_seen·Apr 17, 2026

last_seen·7d ago

sessions·21

events·21

$ sikker protocols 103.215.75.70

HTTP

20 / 20

POSTGRES

1 / 1

$ sikker summary 103.215.75.70

103.215.75.70 has a threat confidence score of 79%. This IP address from India (AS150303, SoloRDP) has been observed in 21 honeypot sessions targeting HTTP, POSTGRES protocols. Detected attack patterns include http dotenv file exposure probe. First observed on April 17, 2026, most recently active April 23, 2026.

$ sikker behaviors 103.215.75.70catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Http Method Get9x

HTTP request using GET method.

infoHttp Root Path Request9x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 103.215.75.70

http_method_get163 http_path_dotenv2 http_path_dotenv_local2 http_request_path_aws_config_file2 http_path_app_dotenv1 http_path_config_json1 http_path_dotenv_staging1 http_path_dotenv_production1 http_path_dotaws_credentials1 http_path_dotenv_development1

$ sikker related 103.215.75.70

🇮🇳·More threats fromIndia→AS·More threats fromSoloRDP→HTTP·More threats targetingHTTP→POST·More threats targetingPOSTGRES→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.215.74.60	57%	36
103.215.74.185	97%	160
103.215.74.213	86%	143

IP Address	Confidence	Events
182.71.50.212	76%	392
49.43.2.218	77%	4
163.5.191.154	94%	857
180.150.250.112	95%	1,575
34.131.211.42	100%	1,197