ClearSOC Dashboard - Investigation Workspace

Entity Details

Type: Ip
ASN: AS201814 - MEVSPACE sp. z o.o.
Threat Intelligence: Aggressively targeted highly sensitive configuration and information files, triggering critical WAF deny rules including IPBLOCK-BURST4, LFI-ANOMALY, and reputation-based blocking.

Linked Entities

TLS Fingerprints (1)

3%7e7d37a809e7e56fbe Investigate

Hostnames Targeted

Hostname	Request Count
akamai.darcherif.fr	45

Paths Targeted (with Hostname Counts)

Path	Distinct Hostnames
test.php	1
staging/phpinfo.php	1
tmp/.env	1
.env.txt	1
.env.log	1
phpinfo	1
.env	1
info.php	1
php_info.php	1
terraform.tfvars	1
.env.test	1
.env.bak	1
public/.env	1
.env.production	1
server.php	1
infophp.php	1
admin/info.php	1
test/info.php	1
.env.dev.local	1
.env.local	1
deploy.sh	1
README.md	1
config/.env	1
.env.staging	1
logs/phpinfo.php	1
.env.development	1
storage/.env	1
phpinfo.php	1
.env.example	1
.aws/credentials	1
.env.backup	1
debug.php	1
dev/phpinfo.php	1
config/parameters.yml	1
admin/phpinfo.php	1
wp-content/debug.log	1
docker-compose.yml	1
_profiler/phpinfo	1
config/settings.js	1
.vscode/settings.json	1
backup/phpinfo.php	1
dashboard/info.php	1
.git/config	1

🚫

Block

Aggressively targeted highly sensitive configuration and information files, triggering critical WAF deny rules including IPBLOCK-BURST4, LFI-ANOMALY, and reputation-based blocking.

2025-12-17 08:29:42

Investigation Workspace

Entity: 194.180.49.171 (Ip)

Entity Details

Linked Entities

Hostnames Targeted

Paths Targeted (with Hostname Counts)

Block