ClearSOC Dashboard - Investigation Workspace

Entity Details

Type: Ip
ASN: AS206092 - F.N.S. HOLDINGS LIMITED
Threat Intelligence: Aggressively probing sensitive PHP info files and configuration files (.env), with all accessed paths flagged by WAF, triggering critical IP block burst and LFI deny rules, and showing bot impersonation. This indicates persistent malicious reconnaissance and exploitation attempts.

Linked Entities

Hostnames Targeted

Hostname	Request Count
akamai.darcherif.fr	19

Paths Targeted (with Hostname Counts)

Path	Distinct Hostnames
test.php	1
php.php	1
phpinfo	1
.env	1
info.php	1
i.php	1
pi.php	1
php_version.php	1
phpinfo.php	1
.aws/credentials	1
pinfo.php	1
php_info.php	1
admin/phpinfo.php	1
_profiler/phpinfo	1
_sec/cp_challenge/challenge	1

🚫

Block

Aggressively probing sensitive PHP info files and configuration files (.env), with all accessed paths flagged by WAF, triggering critical IP block burst and LFI deny rules, and showing bot impersonation. This indicates persistent malicious reconnaissance and exploitation attempts.

2025-12-26 21:13:20

Investigation Workspace

Entity: 45.86.202.100 (Ip)

Entity Details

Linked Entities

Hostnames Targeted

Paths Targeted (with Hostname Counts)

Block