Check an IP Address, Domain Name, Subnet, or ASN

160.187.141.195 was found in our database!

$ whois 160.187.141.195

country·🇸🇬 Singapore

city·Singapore

isp·WebHorizon Internet Services

asn·AS149020

network·Standard

$ sikker risk 160.187.141.195scoring →

confidence

100%Very High

first_seen·Mar 12, 2026

last_seen·17m ago

first_reported·Mar 18, 2026

last_reported·6d ago

sessions·108

events·108

reports·2

$ sikker protocols 160.187.141.195

HTTPS

104 / 104

HTTP

4 / 4 / 2r

$ sikker summary 160.187.141.195

160.187.141.195 has a threat confidence score of 100%. This IP address from Singapore (AS149020, WebHorizon Internet Services) has been observed in 108 honeypot sessions and reported 2 times targeting HTTPS, HTTP protocols. Detected attack patterns include https dotenv environment file exposure probe, http dotenv file exposure probe. First observed on March 12, 2026, most recently active March 26, 2026.

$ sikker behaviors 160.187.141.195catalog →

highHttps Dotenv Environment File Exposure Probe43x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

$ sikker primitives 160.187.141.195

https_path_dotenv44 http_method_get1 http_path_dotenv1

$ sikker reports 160.187.141.195submit →

Showing 2 of 2 reports from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 20, 2026, 08:02	Brute Force	HTTP	SikkerGuard: 2 blocked packets
User	Mar 18, 2026, 19:30	Brute Force	HTTP	SikkerGuard: 2 blocked packets

$ sikker related 160.187.141.195

🇸🇬·More threats fromSingapore→AS·More threats fromWebHorizon Internet Services→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
103.179.45.197	82%	6
103.179.44.30	99%	86

IP Address	Confidence	Events
47.237.191.34	87%	34,553
185.200.117.131	88%	126
157.230.44.79	80%	279
43.156.64.195	94%	18
43.119.33.143	85%	17,214