Investigation Workspace

Entity: 165.227.173.41 (Ip)

Entity Details
Type
Ip
ASN
AS14061 - DigitalOcean, LLC
Threat Intelligence
Actively targeting sensitive configuration files (.git/config, .env, info.php) and known exploits (Jira exploit). All requests flagged by WAF, triggered critical deny rules (LFI-ANOMALY, IPBLOCK-PENALTY-BOX). Associated ASN AS14061 is blocklisted for identical malicious activity.
Linked Entities
TLS Fingerprints (2)
Hostnames Targeted
Hostname Request Count
akamai.darcherif.fr 31
www.darcherif.fr 10
Paths Targeted (with Hostname Counts)
Path Distinct Hostnames
.env 2
info.php 2
.git/config 2
telescope/requests 2
_all_dbs 1
server 1
about 1
server-status 1
actuator/env 1
.DS_Store 1
login.action 1
v2/_catalog 1
config.json 1
@vite/env 1
debug/default/view 1
.vscode/sftp.json 1
s/531323e2732323e23323e223/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties 1
_sec/cp_challenge/challenge 1
s/4373e2430323e26313e223/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties 1
ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 1
s/431323e2732323e23323e223/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties 1
🚫

Block

Actively targeting sensitive configuration files (.git/config, .env, info.php) and known exploits (Jira exploit). All requests flagged by WAF, triggered critical deny rules (LFI-ANOMALY, IPBLOCK-PENALTY-BOX). Associated ASN AS14061 is blocklisted for identical malicious activity.

2026-01-14 09:49:05