Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
170.205.31.109 has a threat confidence score of 100%. This IP address from United States (AS206216, Advin Services LLC) has been observed in 125 honeypot sessions targeting HTTP, HTTPS protocols. Detected attack patterns include https dotenv environment file exposure probe, http dotenv file exposure probe. First observed on February 19, 2026, most recently active February 24, 2026.
Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.
Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.
Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration