Check an IP Address, Domain Name, Subnet, or ASN

45.134.79.102 was found in our database!

$ whois 45.134.79.102

country·🇫🇷 France

city·Bordeaux

isp·HostRoyale Technologies Pvt Ltd

asn·AS39486

network·Standard

$ sikker risk 45.134.79.102scoring →

confidence

98%Very High

first_seen·Mar 9, 2026

last_seen·4d ago

sessions·440

events·440

$ sikker protocols 45.134.79.102

HTTPS

231 / 231

HTTP

206 / 206

FTP

1 / 1

SSH

1 / 1

MYSQL

1 / 1

$ sikker summary 45.134.79.102

45.134.79.102 has a threat confidence score of 98%. This IP address from France (AS39486, HostRoyale Technologies Pvt Ltd) has been observed in 440 honeypot sessions targeting HTTPS, HTTP, FTP, SSH, MYSQL protocols. Detected attack patterns include https dotenv environment file exposure probe. First observed on March 9, 2026, most recently active March 14, 2026.

$ sikker behaviors 45.134.79.102catalog →

highHttps Dotenv Environment File Exposure Probe7x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

infoHttp Root Path Request140x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request27x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 45.134.79.102

http_method_get200 https_path_root40 http_path_dotenv10 http_path_dotgit_config9 http_path_doc_page_login_asp_access9 http_phpunit_eval_stdin_php_path_access9 https_path_dotenv7 http_path_config_json7 https_path_dotgit_config7 https_phpunit_eval_stdin_rce_probe7 https_path_config_json6 mysql_show_table_status4 ssh_uname_all1 ftp_user_probe1 ftp_password_attempt1 mysql_show_databases1 ssh_id_identity_query1 mysql_set_names_utf8mb41 mysql_disable_autocommit1 ssh_whoami_user_identity1

$ sikker related 45.134.79.102

🇫🇷·More threats fromFrance→AS·More threats fromHostRoyale Technologies Pvt Ltd→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→FTP·More threats targetingFTP→SSH·More threats targetingSSH→MYSQ·More threats targetingMYSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
45.134.79.101	23%	1
45.134.79.88	23%	1

IP Address	Confidence	Events
51.83.143.139	90%	67,445
54.38.41.116	87%	18,902
51.91.168.102	99%	616,529
54.38.94.109	98%	34,833
185.177.72.61	100%	1,107