ClearSOC Dashboard - Traffic Overview

96.41.38.202 (IP)

Detected access to suspicious obfuscated path 'akam/13/6d6bbf9e' flagged by WAF and triggered security alert '3900999', indicating potential malicious probing. While total threat requests are low (11.1%), the nature of the activity warrants monitoring. Confidence: 85% · 2026-01-24 14:27

45.148.10.159 (IP)

All requests (100%) from this IP were detected as threats, targeted sensitive version control system files ('.git/config', '.svn/entries'), and triggered a critical reputation-based WAF deny rule. Its associated ASN (AS48090) is already blocklisted for identical malicious activity. Confidence: 100% · 2026-01-24 12:06

205.169.39.3 (IP)

IP belongs to blocklisted ASN AS3356, which has multiple IPs blocklisted for similar malicious activity including accessing highly obfuscated paths. This IP also accessed a highly obfuscated path, indicating malicious probing. Confidence: 95% · 2026-01-23 15:25

192.109.200.72 (IP)

Detected WordPress brute-force attempts targeting 'wp-login.php', with the path flagged by WAF and security alert '3900998' triggered. This behavior is consistent with other blocklisted IPs. Confidence: 95% · 2026-01-23 12:45

66.249.66.41 (IP)

All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and security alert '3991006' was triggered. Its associated ASN (AS15169) is already blocklisted for similar malicious activity. Confidence: 100% · 2026-01-22 17:03

66.249.66.1 (IP)

All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and security alert '3991006' was triggered. Its associated ASN (AS15169) is already blocklisted for similar malicious activity. Confidence: 100% · 2026-01-22 17:03

103.169.53.127 (IP)

IP accessed a hostname ('www.darcherif.fr') frequently targeted by numerous blocklisted entities for WordPress enumeration and brute-force attempts. Although no direct malicious activity (0 threat requests, 0 WAF flags) was detected from this IP, its association with a highly targeted domain warrants continued monitoring. Confidence: 70% · 2026-01-22 16:34

105.111.199.40 (IP)

Entity previously flagged with medium severity and high confidence, but has shown no further activity. Requires continued monitoring. Confidence: 85% · 2026-01-22 16:24

67.227.1.140 (IP)

Accessed a highly obfuscated and suspicious path ('TXopfWNANuR3i/si/1SETC7qsZnKc/3cp5fp1mD3Lif4OJ/PD1OGXQoKgE/dTch/U2dsdHkB'), indicating malicious probing and attempted exploitation, consistent with blocklisted entities exhibiting similar behavior. Confidence: 95% · 2026-01-22 16:24

4.217.180.34 (IP)

All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity with other IPs showing identical behavior. Confidence: 100% · 2026-01-22 13:53

Security Dashboard

Unique IPs

Bot Requests

WAF Rule Hits

Requests by Country (Map)

Recent AI Decisions Feed

Requests per Day

Threat Actions (Alert vs Deny)

Top Attacking IPs

Top Requested Paths