Check an IP Address, Domain Name, Subnet, or ASN

129.232.176.178 was found in our database!

$ whois 129.232.176.178

country·🇿🇦 South Africa

isp·xneelo

asn·AS37153

network·Standard

$ sikker risk 129.232.176.178scoring →

confidence

62%High

first_seen·Mar 29, 2026

last_seen·Mar 29, 2026

sessions·3

events·3

$ sikker protocols 129.232.176.178

HTTPS

3 / 3

$ sikker summary 129.232.176.178

129.232.176.178 has a threat confidence score of 62%. This IP address from South Africa (AS37153, xneelo) has been observed in 3 honeypot sessions targeting HTTPS protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on March 29, 2026, most recently active March 29, 2026.

$ sikker behaviors 129.232.176.178catalog →

highHttps Dotenv Environment File Exposure Probe1x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

$ sikker primitives 129.232.176.178

https_path_dotenv1 https_path_dotenv_local1

$ sikker related 129.232.176.178

🇿🇦·More threats fromSouth Africa→AS·More threats fromxneelo→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
129.232.207.37	28%	1
129.232.169.253	99%	44
197.189.246.57	81%	5
129.232.230.250	35%	3
129.232.183.237	23%	1

IP Address	Confidence	Events
102.37.129.174	72%	3
154.0.163.160	94%	14
197.242.158.177	98%	31
102.210.146.49	98%	32
197.242.145.144	82%	10