Check an IP Address, Domain Name, Subnet, or ASN

93.127.215.248 was found in our database!

$ whois 93.127.215.248

country·🇺🇸 United States

city·Boston

isp·Hostinger International Limited

asn·AS47583

network·Standard

$ sikker risk 93.127.215.248scoring →

confidence

87%Very High

first_seen·Feb 28, 2026

last_seen·19d ago

sessions·11

events·11

$ sikker protocols 93.127.215.248

SSH

4 / 4

HTTP

4 / 4

HTTPS

3 / 3

$ sikker summary 93.127.215.248

93.127.215.248 has a threat confidence score of 87%. This IP address from United States (AS47583, Hostinger International Limited) has been observed in 11 honeypot sessions targeting SSH, HTTP, HTTPS protocols. Detected attack patterns include https dotenv environment file exposure probe, http dotenv file exposure probe. First observed on February 28, 2026, most recently active March 6, 2026.

$ sikker behaviors 93.127.215.248catalog →

highHttps Dotenv Environment File Exposure Probe3x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 93.127.215.248

http_method_get4 https_path_dotenv3 http_path_dotenv_local2 http_path_dotenv1

$ sikker related 93.127.215.248

🇺🇸·More threats fromUnited States→AS·More threats fromHostinger International Limited→SSH·More threats targetingSSH→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
72.61.105.212	99%	185
148.230.72.89	56%	1
141.136.35.231	23%	1
187.124.64.137	23%	1
46.202.179.248	29%	21

IP Address	Confidence	Events
64.225.18.181	48%	230
132.145.213.106	100%	889
185.218.138.17	97%	6,397
92.118.39.62	100%	378,135
45.61.184.223	99%	12,734