Check an IP Address, Domain Name, Subnet, or ASN

43.112.73.7 was found in our database!

$ whois 43.112.73.7

country·🇺🇸 United States

isp·Alibaba US Technology Co., Ltd.

asn·AS45102

network·Standard

$ sikker risk 43.112.73.7scoring →

confidence

97%Very High

first_seen·Apr 5, 2026

last_seen·1h ago

sessions·49

events·49

$ sikker protocols 43.112.73.7

HTTP

49 / 49

$ sikker summary 43.112.73.7

43.112.73.7 has a threat confidence score of 97%. This IP address from United States (AS45102, Alibaba US Technology Co., Ltd.) has been observed in 49 honeypot sessions targeting HTTP protocols. Detected attack patterns include http dotenv file exposure probe, http git repository config exposure probe. First observed on April 5, 2026, most recently active April 6, 2026.

$ sikker behaviors 43.112.73.7catalog →

highHttp Dotenv File Exposure Probe2x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

highHttp Git Repository Config Exposure Probe1x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

infoHttp Http Method Get15x

HTTP request using GET method.

infoHttp Root Path Request15x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Fetch Robots Txt1x

HTTP GET request to /robots.txt.

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 43.112.73.7

http_method_get255 http_path_dotenv4 http_path_dotgit_config4 http_git_head_file_access4 http_robots_txt_path_probe4 http_path_dotenv_development4 http_path_config_json3 http_path_dotenv_local3 http_path_dotenv_staging3 http_path_dotenv_production3 http_path_dotaws_credentials3 http_request_path_aws_config_file3 http_path_bad_request2

$ sikker related 43.112.73.7

🇺🇸·More threats fromUnited States→AS·More threats fromAlibaba US Technology Co., Ltd.→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
47.76.105.46	82%	5,222
47.83.143.175	78%	2,847
47.86.44.180	79%	942
47.239.226.124	71%	649
47.83.15.218	83%	8,586

IP Address	Confidence	Events
64.62.197.2	100%	1,769
45.131.194.160	85%	1,951
92.118.39.76	100%	112,365
3.131.220.121	100%	21,693
67.205.182.17	64%	10