Check an IP Address, Domain Name, Subnet, or ASN

146.70.138.229 was found in our database!

$ whois 146.70.138.229

country·🇯🇵 Japan

city·Tokyo

isp·M247 Europe SRL

asn·AS9009

network·Standard

$ sikker risk 146.70.138.229scoring →

confidence

72%High

first_seen·Mar 24, 2026

last_seen·1h ago

sessions·5

events·5

$ sikker protocols 146.70.138.229

HTTP

3 / 3

SSH

1 / 1

HTTPS

1 / 1

$ sikker summary 146.70.138.229

146.70.138.229 has a threat confidence score of 72%. This IP address from Japan (AS9009, M247 Europe SRL) has been observed in 5 honeypot sessions targeting HTTP, SSH, HTTPS protocols. Detected attack patterns include http dotenv file exposure probe. First observed on March 24, 2026, most recently active March 24, 2026.

$ sikker behaviors 146.70.138.229catalog →

highHttp Dotenv File Exposure Probe1x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 146.70.138.229

http_method_get2 https_path_root1 http_path_dotenv1 ssh_echo_semicolon_uname_a_sequence1 http_phpunit_eval_stdin_php_path_access1

$ sikker related 146.70.138.229

🇯🇵·More threats fromJapan→AS·More threats fromM247 Europe SRL→HTTP·More threats targetingHTTP→SSH·More threats targetingSSH→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
81.92.203.134	93%	17
198.190.1.150	39%	7
198.190.3.203	30%	4
157.254.75.37	29%	3
157.254.65.202	34%	5

IP Address	Confidence	Events
43.128.229.196	96%	2,414
43.133.9.170	96%	2,614
210.149.87.235	92%	149
43.153.155.109	61%	3
43.167.237.29	94%	87