Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
45.153.34.154 has a very high threat confidence level of 100%, originating from Eygelshoven, The Netherlands, on the Pfcloud UG (haftungsbeschrankt) network (51396). It has been observed across 148 sessions targeting HTTP, HTTPS, with detected attack patterns including http git repository config exposure probe, http dotenv file exposure probe, androxgh0st payload probe, First observed on February 23, 2026, most recently active March 10, 2026.
Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.
Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.
Identifies HTTP requests containing the androxgh0st payload marker in the request body, indicative of automated exploitation or scanning activity associated with Androxgh0st campaigns targeting exposed web applications and misconfigured services.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.