Check an IP Address, Domain Name, Subnet, or ASN

119.40.84.186 was found in our database!

$ whois 119.40.84.186

country·🇧🇩 Bangladesh

city·Dhaka

isp·BDCOM Online Limited

asn·AS24122

network·Standard

$ sikker risk 119.40.84.186scoring →

confidence

100%Very High

first_seen·Jan 30, 2026

last_seen·3d ago

first_reported·Feb 27, 2026

last_reported·29d ago

sessions·72

events·194

reports·1

$ sikker protocols 119.40.84.186

HTTP

51 / 161 / 1r

HTTPS

20 / 32

RDP

1 / 1

$ sikker summary 119.40.84.186

119.40.84.186 has a threat confidence score of 100%. This IP address from Bangladesh (AS24122, BDCOM Online Limited) has been observed in 72 honeypot sessions and reported 1 times targeting HTTP, HTTPS, RDP protocols. Detected attack patterns include http dotenv file exposure probe, https dotenv environment file exposure probe. First observed on January 30, 2026, most recently active March 25, 2026.

$ sikker behaviors 119.40.84.186catalog →

highHttp Dotenv File Exposure Probe32x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

highHttps Dotenv Environment File Exposure Probe2x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request3x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 119.40.84.186

http_method_get95 http_path_dotenv32 https_path_root3 https_path_dotenv2

$ sikker reports 119.40.84.186submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Feb 27, 2026, 13:06	Brute Force	HTTP	SikkerGuard: 6 blocked packets

$ sikker related 119.40.84.186

🇧🇩·More threats fromBangladesh→AS·More threats fromBDCOM Online Limited→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→RDP·More threats targetingRDP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
210.4.68.73	51%	453
210.4.64.130	19%	35
119.40.87.33	34%	118
210.4.66.211	22%	30
210.4.67.222	33%	147

IP Address	Confidence	Events
103.239.255.215	97%	3,133
45.64.134.75	94%	186,642
202.84.34.85	40%	310
43.230.210.131	44%	348
103.239.252.132	100%	527