Investigation Workspace

Entity: 45.148.10.158 (Ip)

Entity Details
Type
Ip
ASN
AS48090 - TECHOFF SRV LIMITED
Threat Intelligence
Aggressively probed sensitive configuration and credential files, with all requests flagged by WAF, triggered critical LFI-ANOMALY and reputation-based deny rules, and belongs to blocklisted ASN AS48090 which has other IPs exhibiting identical severe malicious behavior.
Linked Entities
TLS Fingerprints (2)
Hostnames Targeted
Hostname Request Count
www.darcherif.fr 42
akamai.darcherif.fr 22
Paths Targeted (with Hostname Counts)
Path Distinct Hostnames
phpinfo 2
phpinfo.php 2
.env.prod 2
info 2
.env.save 2
.env 2
.gitignore 1
config/env/production/database.js 1
dev/.env 1
info.php 1
i.php 1
.git/config 1
config.js 1
application.yml 1
bootstrap/.env 1
credentials.json 1
.env.production 1
swagger.json 1
api/.env 1
secrets.json 1
application/.env 1
server.js 1
.env.deploy 1
config.php.bak 1
wp/.env 1
.env.staging 1
php.php 1
appsettings.json 1
.git/HEAD 1
.git-credentials 1
admin/.env 1
config.json 1
test.php 1
.env.example 1
.aws/credentials 1
api/swagger.json 1
sendgrid.env 1
.env.backup 1
.gitconfig 1
backend/.env 1
php_info.php 1
configuration.php.bak 1
config/secrets.env 1
wp-config.php.txt 1
_profiler/phpinfo 1
wp-config.php.bak 1
wp-admin/phpinfo.php 1
.env.old 1
🚫

Block

Aggressively probed sensitive configuration and credential files, with all requests flagged by WAF, triggered critical LFI-ANOMALY and reputation-based deny rules, and belongs to blocklisted ASN AS48090 which has other IPs exhibiting identical severe malicious behavior.

2026-01-10 06:33:02