Investigation Workspace

Entity: 45.86.202.87 (Ip)

Entity Details
Type
Ip
ASN
AS206092 - F.N.S. HOLDINGS LIMITED
Threat Intelligence
Aggressively probing sensitive PHP info files and configuration files (.env.example), with almost all accessed paths flagged by WAF, triggering a critical IP block burst deny rule, and showing bot impersonation. This indicates persistent malicious reconnaissance and exploitation attempts, consistent with other malicious IPs from the same ASN (AS206092).
Linked Entities
TLS Fingerprints (1)
Hostnames Targeted
Hostname Request Count
akamai.darcherif.fr 12
Paths Targeted (with Hostname Counts)
Path Distinct Hostnames
test.php 1
php.php 1
phpinfo 1
info.php 1
i.php 1
pi.php 1
phpinfo.php 1
.env.example 1
php_info.php 1
_profiler/phpinfo 1
_sec/cp_challenge/challenge 1
🚫

Block

Aggressively probing sensitive PHP info files and configuration files (.env.example), with almost all accessed paths flagged by WAF, triggering a critical IP block burst deny rule, and showing bot impersonation. This indicates persistent malicious reconnaissance and exploitation attempts, consistent with other malicious IPs from the same ASN (AS206092).

2025-12-26 21:13:20