Confidence Level

63%

High?

Geolocation

🇯🇵

Japan

ISPG-Core Labs S.A.

ASNAS199524

Activity Timeline

First seenMar 6, 2026, 05:01 AM

Last seen5d ago

4Sessions

4Events

Protocol Breakdown

HTTPS

4 / 4

31.223.184.93 has a high threat confidence level of 63%, originating from Japan, on the G-Core Labs S.A. network (199524). It has been observed across 4 sessions targeting HTTPS, First observed on March 6, 2026, most recently active March 6, 2026.

Behaviors

Classified behavioral patterns observed

Https Dotgit Repository Configuration Exposure Probe

medium1x

Identifies an HTTPS request targeting the .git/config file within a web-accessible repository directory. Access attempts to /.git/config indicate automated repository exposure scanning intended to retrieve remote origin URLs, repository structure, and potentially credential-bearing configuration data. This is a common reconnaissance technique used to identify misconfigured web servers exposing version control metadata.

Https Root Path Request

info2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Primitives

Individual actions observed

Https Path Root3 Https Path Dotenv1 Https Path Dotgit Config1 Https Path Dotbash History1

Related Threats

Explore related threat intelligence

🇯🇵More threats fromJapan ASMore threats fromG-Core Labs S.A.HTTPSMore threats targetingHTTPS { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
92.38.169.143	88%	11
31.13.213.232	35%	157
2a03:90c0:146::a4a	12%	6
2a03:90c0:d5::c2	13%	9
2a03:90c0:146::ca2	15%	15

IP Address	Confidence	Events
8.211.172.227	97%	199
167.179.119.118	39%	78
210.149.87.235	94%	72
152.32.146.202	87%	719
202.12.247.222	27%	1