Check an IP Address, Domain Name, Subnet, or ASN

45.148.10.249 was found in our database!

$ whois 45.148.10.249

country·🇳🇱 The Netherlands

city·Amsterdam

isp·Techoff Srv Limited

asn·AS48090

network·Standard

$ sikker risk 45.148.10.249scoring →

confidence

100%Very High

first_seen·Apr 2, 2026

last_seen·9m ago

sessions·1,739

events·1,746

$ sikker protocols 45.148.10.249

HTTPS

1,166 / 1,168

HTTP

573 / 578

$ sikker summary 45.148.10.249

45.148.10.249 has a threat confidence score of 100%. This IP address from The Netherlands (AS48090, Techoff Srv Limited) has been observed in 1,739 honeypot sessions targeting HTTPS, HTTP protocols. Detected attack patterns include https dotenv environment file exposure probe, http dotenv file exposure probe, http git repository config exposure probe. First observed on April 2, 2026, most recently active April 14, 2026.

$ sikker behaviors 45.148.10.249catalog →

highHttps Dotenv Environment File Exposure Probe174x

Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.

highHttp Dotenv File Exposure Probe41x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

highHttp Git Repository Config Exposure Probe10x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

mediumHttps Dotgit Repository Configuration Exposure Probe76x

Identifies an HTTPS request targeting the .git/config file within a web-accessible repository directory. Access attempts to /.git/config indicate automated repository exposure scanning intended to retrieve remote origin URLs, repository structure, and potentially credential-bearing configuration data. This is a common reconnaissance technique used to identify misconfigured web servers exposing version control metadata.

infoHttp Http Method Get217x

HTTP request using GET method.

infoHttp Root Path Request217x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request61x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 45.148.10.249

http_method_get1379 https_path_dotenv187 https_path_dotgit_config84 https_path_root61 http_phpunit_eval_stdin_php_path_access43 http_path_dotenv42 http_path_dotgit_config14 http_path_xmlrpc_php13 http_path_dotenv_production9 http_path_dotenv_staging6 http_path_dotenv_development6 http_request_path_aws_config_file3 http_path_app_dotenv2 http_path_config_json1 http_path_dotenv_local1 http_robots_txt_path_probe1 http_request_path_aws_keys_conf1 http_request_path_wp_config_hidden1 http_request_path_dot_aws_directory1 http_request_path_aws_credentials_js1

$ sikker related 45.148.10.249

🇳🇱·More threats fromThe Netherlands→AS·More threats fromTechoff Srv Limited→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
195.178.110.26	100%	13,669
45.148.10.240	100%	543,790
45.148.10.192	100%	34,578
45.148.10.183	100%	10,897
195.178.110.30	100%	422,292

IP Address	Confidence	Events
46.151.178.13	94%	7,847
62.164.177.27	97%	19,151
45.148.10.240	100%	543,784
93.174.95.106	100%	4,193
204.76.203.30	96%	13,497