Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
104.22.20.87 has a threat confidence score of 23%. This IP address from United States (AS13335, Cloudflare, Inc.) has been observed in 44 honeypot sessions targeting HTTPS, HTTP protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on February 19, 2026, most recently active March 22, 2026.
Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.
Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.