Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
34.158.79.105 has a very high threat confidence level of 100%, originating from Groningen, The Netherlands, on the Google LLC network (396982). It has been observed across 2,748 sessions targeting HTTP, HTTPS, with detected attack patterns including https dotenv environment file exposure probe, http dotenv file exposure probe, http git repository config exposure probe, First observed on March 4, 2026, most recently active March 5, 2026.
Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.
Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.
Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.
Identifies an HTTPS request targeting the .git/config file within a web-accessible repository directory. Access attempts to /.git/config indicate automated repository exposure scanning intended to retrieve remote origin URLs, repository structure, and potentially credential-bearing configuration data. This is a common reconnaissance technique used to identify misconfigured web servers exposing version control metadata.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.
Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.
| Date | Category | Protocol | Comment |
|---|---|---|---|
| Mar 5, 2026 | Brute Force | HTTP | SikkerGuard: 2 blocked packets |
| Mar 4, 2026 | Brute Force | HTTP | SikkerGuard: 2 blocked packets |