93
95.0%
43
IP: 31 ASN: 6 TLS: 13
| Entity | Type | Hostnames | Reason | Blocked At | AI Confidence | AI Details |
|---|---|---|---|---|---|---|
| 216.73.216.213 | IP | www.darcherif.fr | All requests (100%) from this IP were flagged by WAF, indicating persistent malicious probing targeting WordPress endpoints and triggering security alerts. | 2025-12-05 18:50:26 | 100.0% | Critical |
| 45.148.10.246 | IP | akamai.darcherif.fr | Extensive probing of sensitive configuration files and backups (e.g., .env, config/mail), all requests (100%) flagged by WAF, and multiple critical deny rules triggered including LFI-ANOMALY and IPBLOCK. | 2025-12-04 12:34:38 | 100.0% | Critical |
| AS48090 | ASN | akamai.darcherif.fr | Associated with IP 45.148.10.246, which demonstrated extensive probing of sensitive files, had all requests flagged by WAF, and triggered critical deny rules including LFI-ANOMALY and IPBLOCK. | 2025-12-04 12:34:38 | 100.0% | Critical |
| 62.60.130.210 | IP | www.darcherif.fr | All requests (100%) were flagged by WAF and targeted 'wp-login.php', triggering security alerts indicative of a brute-force or credential stuffing attack. | 2025-12-02 14:22:25 | 100.0% | Critical |
| 3%7e67c0ea0c99e03401 | TLS | akamai.darcherif.fr | TLS fingerprint associated with an IP (4.189.168.36) that had all requests flagged by WAF, bot impersonation, and probing of sensitive paths. Associated ASN AS8075 is blocklisted. | 2025-11-30 15:39:51 | 100.0% | Critical |
| 4.189.168.36 | IP | akamai.darcherif.fr | All requests (100%) flagged by WAF with bot impersonation and probing of sensitive paths. Associated ASN AS8075 is already blocklisted for persistent malicious activity. | 2025-11-30 15:39:50 | 100.0% | Critical |
| AS152194 | ASN | www.darcherif.fr | Associated with IP 134.122.136.96, which triggered multiple critical WAF deny rules including LFI, command injection, XSS, and bot impersonation. All accessed paths from this ASN were flagged as malicious. | 2025-11-30 14:03:57 | 100.0% | Critical |
| 134.122.136.96 | IP | www.darcherif.fr | Multiple critical WAF deny rules triggered, including LFI, command injection, XSS, and bot impersonation, indicating severe malicious probing and exploit attempts. All accessed paths were flagged. | 2025-11-30 14:03:57 | 100.0% | Critical |
| 3%7ed09afd3ffe9bdf7b | TLS | www.darcherif.fr | Associated with IP 134.122.136.96, which triggered multiple critical WAF deny rules including LFI, command injection, XSS, and bot impersonation. This TLS fingerprint is used by a highly malicious client. | 2025-11-30 14:03:57 | 100.0% | Critical |
| 43.163.127.190 | IP | akamai.darcherif.fr | Repeated, targeted access attempts to sensitive Spring Boot actuator and mapping endpoints. All 13 requests flagged by WAF, with bot impersonation detected, indicating high-confidence malicious activity. | 2025-11-20 15:39:02 | 100.0% | Critical |
| 20.37.96.143 | IP | www.darcherif.fr | All requests from this IP were flagged by WAF, accessing suspicious PHP files including known exploit paths like 'wp-filemanager.php', and triggered a deny security rule (REP_1654538). | 2025-11-10 22:07:17 | 100.0% | Critical |
| AS15169 | ASN | www.darcherif.fr akamai.darcherif.fr | 48% of requests were threatening, all accessed paths flagged by WAF, and a burst-rate IP block rule (IPBLOCK-BURST4-318403) was triggered. | 2025-11-04 15:46:51 | 95.0% | Critical |
| 74.176.185.3 | IP | akamai.darcherif.fr | Extensive probing of suspicious PHP files, 100% of requests flagged by WAF with IPBLOCK deny rule, and associated ASN is already blocked for persistent malicious activity. | 2025-11-01 13:06:18 | 100.0% | Critical |
| 3%7efe38c35477967146 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:03 | 98.0% | Critical |
| 3%7ee35ec11fcbea7346 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:03 | 90.0% | Critical |
| 3%7ede8d6a84fab8672b | TLS | - | Confirmed common malicious client fingerprint associated with suspicious access patterns and reconnaissance. | 2025-10-31 13:37:03 | 95.0% | Critical |
| 3%7ede29393936a8dc4153 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:03 | 95.0% | Critical |
| 3%7ede293936a8dc4153 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:03 | 95.0% | Critical |
| UNKNOWN | TLS | - | Confirmed persistent malicious activity detected using an unknown TLS fingerprint. | 2025-10-31 13:37:03 | 100.0% | Critical |
| 66.249.70.200 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 185.177.72.204 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 100.0% | Critical |
| AS132203 | ASN | - | Confirmed persistent malicious activity detected from this ASN. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 85.204.70.106 | IP | - | Confirmed extensive scanning and attack attempts against sensitive WordPress paths. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 81.17.20.98 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 95.0% | Critical |
| AS211590 | ASN | - | Confirmed persistent malicious activity detected from this ASN. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 66.249.77.104 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 95.0% | Critical |
| AS8075 | ASN | - | Confirmed persistent malicious activity detected from this ASN. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 66.249.69.35 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 95.0% | Critical |
| 66.249.68.133 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 90.0% | Medium |
| 66.249.66.40 | IP | - | Confirmed consistent malicious probing observed, triggering WAF alerts. | 2025-10-31 13:37:02 | 80.0% | Medium |
| 62.60.130.211 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 98.0% | Critical |
| 3%7e2faa3a9db1c111de | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 3%7e788289bd73e01aa4 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 51.38.105.105 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 48.210.236.214 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 45.153.163.23 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 3%7e7bcf51bfc0d0b65f | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 3%7ea97fdb0b70d4a7b7 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:02 | 98.0% | Critical |
| 3%7ebaae1457ad64ff16 | TLS | - | Confirmed persistent malicious activity detected using this TLS fingerprint. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 34.116.246.85 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 85.0% | Medium |
| 34.116.172.61 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 85.0% | Medium |
| 34.1.27.103 | IP | - | Confirmed associated with a known malicious TLS fingerprint, indicating coordinated malicious activity. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 34.1.26.204 | IP | - | Confirmed active malicious scanning detected, triggering multiple WAF alerts. | 2025-10-31 13:37:02 | 90.0% | Medium |
| 34.1.23.207 | IP | - | Confirmed burst of activity detected by WAF, suggesting automated malicious behavior. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 34.1.21.203 | IP | - | Confirmed burst of activity detected by WAF, suggesting automated malicious behavior. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 34.1.16.79 | IP | - | Confirmed active malicious scanning detected, triggering multiple WAF alerts. | 2025-10-31 13:37:02 | 85.0% | Medium |
| 3.92.177.104 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 100.0% | Critical |
| 2604:a880:400:d1:0:1:4cea:4001 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 85.0% | Medium |
| 34.1.17.182 | IP | - | Confirmed burst of activity detected by WAF, suggesting automated malicious behavior. | 2025-10-31 13:37:02 | 90.0% | Critical |
| 185.177.72.16 | IP | - | Confirmed persistent malicious IP activity. | 2025-10-31 13:37:02 | 100.0% | Critical |