Investigation Workspace

Entity: 45.148.10.246 (IP)

Entity Details
Type: IP
ASN: AS48090 - TECHOFF SRV LIMITED
Threat Intelligence
Extensive probing of sensitive configuration files and backups (e.g., .env, config/mail), all requests (100%) flagged by WAF, and multiple critical deny rules triggered including LFI-ANOMALY and IPBLOCK.
Linked Entities
TLS Fingerprints (1)
Hostnames Targeted
Hostname Request Count
akamai.darcherif.fr 5438
www.darcherif.fr 1
Paths Targeted (with Hostname Counts)
Block

2025-12-04 12:34:38