732
95.0%
49
IP: 49 ASN: 1
| Entity | Type | Hostnames | Reason | Blocked At | AI Confidence | AI Details |
|---|---|---|---|---|---|---|
| 20.220.232.101 | IP | akamai.darcherif.fr | All 151 requests were flagged by WAF as detected threats, accessing suspicious paths (e.g., PHP web shells, administrative probes), and explicitly triggered an IPBLOCK security rule. | 2026-03-06 01:18:10 | 100.0% | Critical |
| 159.54.153.72 | IP | www.darcherif.fr | Repeated access to 'wp-login.php', a common target for brute-force attacks, from a geographically distinct IP address. This indicates a high likelihood of malicious probing or an attempted credential stuffing attack. | 2026-03-05 22:17:38 | 85.0% | Medium |
| 216.73.216.24 | IP | www.darcherif.fr | Observed highly suspicious and obfuscated paths accessed, a high ratio of detected threat requests (4 out of 6), and triggered a security alert rule (3991023). | 2026-03-05 22:07:31 | 95.0% | Critical |
| 66.249.66.162 | IP | www.darcherif.fr | All requests (6/6) from this IP address were flagged by WAF and triggered security rule '3991006', indicating active malicious scanning or attack attempts. | 2026-03-05 17:06:38 | 100.0% | Critical |
| 192.109.200.98 | IP | www.darcherif.fr | Active enumeration and attack attempts against WordPress site, including wp-admin, user enumeration via REST API, and login attempts. WAF flagged malicious requests. | 2026-03-05 12:35:54 | 95.0% | Critical |
| 20.151.11.236 | IP | akamai.darcherif.fr | Highly malicious activity detected: 100% of requests flagged by WAF, multiple suspicious PHP files accessed indicative of web shell attempts or compromises, and hit an IPBLOCK security rule. | 2026-03-05 11:45:39 | 100.0% | Critical |
| AS212238 | ASN | akamai.darcherif.fr akamai.darcherif.fr:80 | This ASN is a source of high-volume malicious bot traffic, repeatedly attempting WordPress vulnerability scans and triggering multiple WAF denial rules, encompassing critically malicious IPs within its range. | 2026-03-05 05:04:21 | 90.0% | Critical |
| 169.150.203.249 | IP | akamai.darcherif.fr | High volume of detected threat requests, including bot impersonation and repeated WordPress vulnerability scanning attempts, triggering multiple WAF denial rules. | 2026-03-05 05:04:21 | 95.0% | Critical |
| 2a10:3c0:5:0:1:22:0:5 | IP | akamai.darcherif.fr | This IP initiated 12 requests, all of which were detected as threats and flagged by WAF across all accessed paths. Multiple security rules (3990001, 3990011) were hit, indicating highly malicious activity. | 2026-03-05 02:23:42 | 98.0% | Critical |
| 192.109.200.129 | IP | www.darcherif.fr | Attempted WordPress user enumeration and login brute-force reconnaissance via 'wp-json/wp/v2/users' and 'wp-login.php'. | 2026-03-04 18:02:21 | 90.0% | Critical |
| 34.83.184.153 | IP | akamai.darcherif.fr | High volume of suspicious WordPress vulnerability scans and bot-like activity detected, including browser impersonation and multiple WAF denials due to burst activity. | 2026-03-04 13:41:39 | 95.0% | Critical |
| 66.249.66.8 | IP | www.darcherif.fr | All 5 requests from this IP were flagged by WAF as detected threats, triggering security rule '3991006'. | 2026-03-04 08:10:05 | 100.0% | Critical |
| 34.142.251.255 | IP | www.darcherif.fr | Attempted access to sensitive configuration files (.env) and server information (phpinfo), triggering multiple WAF deny rules including LFI-ANOMALY. | 2026-03-04 03:59:01 | 95.0% | Critical |
| 36.77.30.228 | IP | akamai.darcherif.fr | Multiple attempts to access sensitive configuration files (`.aws/credentials`, `.env/.env.bak`), `phpinfo` pages, and a Local File Inclusion (LFI) anomaly detected by WAF. High percentage of detected threat requests. | 2026-03-04 00:58:15 | 95.0% | Critical |
| 137.116.32.109 | IP | akamai.darcherif.fr | Multiple attempts to access sensitive WordPress files and exploit vulnerabilities (e.g., wp_filemanager.php), confirmed bot activity, and multiple WAF security rule hits including deny policies. | 2026-03-03 23:07:34 | 95.0% | Critical |
| 20.169.219.136 | IP | www.darcherif.fr | Repeated access to sensitive or vulnerable paths like 'cgi-bin/', 'wp-content/plugins/WordPressCore/', and 'wp-trackback.php', indicative of reconnaissance or exploit attempts. This IP shares a hostname 'www.darcherif.fr' with an existing watchlist item, suggesting a coordinated or targeted attack. | 2026-03-03 19:16:37 | 95.0% | Critical |
| 20.78.169.245 | IP | www.darcherif.fr | Accessed multiple highly suspicious PHP files (e.g., moon.php, xx.php, wp_filemanager.php, wp-content/plugin.php) commonly associated with webshells, backdoor attempts, and WordPress exploitation. | 2026-03-03 17:26:03 | 95.0% | Critical |
| 152.42.227.161 | IP | akamai.darcherif.fr | Repeated WAF alerts, bot impersonation, multiple threat detections, and attempts to access WordPress enumeration paths (wlwmanifest.xml). | 2026-03-03 16:45:26 | 100.0% | Critical |
| 20.203.144.173 | IP | akamai.darcherif.fr | All requests (169 out of 169) were flagged as threats and denied by IPBLOCK rule. Attempted access to highly suspicious PHP files indicative of web shell or malicious script exploitation. | 2026-03-03 16:45:26 | 100.0% | Critical |
| 20.63.96.50 | IP | akamai.darcherif.fr | 100% of requests are detected threats, accessing known webshell/backdoor paths ('wp-admin/maint/bal.php', 'info.php', 'wp-content/cc13.php', etc.), and already hit an IPBLOCK security rule. This indicates highly malicious activity. | 2026-03-03 11:33:37 | 100.0% | Critical |
| 74.7.175.191 | IP | www.darcherif.fr | All requests were detected as threats (5/5) and a WAF flagged a probing attempt on robots.txt. A security alert was also triggered. | 2026-03-03 10:12:42 | 100.0% | Critical |
| 172.59.155.234 | IP | - | Exhibiting confirmed malicious activity including WAF flags ('akam/13/pixel_d6b97e'), detected threat requests, and security rule hits (3910006 alert). | 2026-03-03 08:02:12 | 95.0% | Critical |
| 74.7.243.214 | IP | www.darcherif.fr | Extremely high ratio of detected threat requests (13 out of 14), multiple WAF flags, and access to highly suspicious, obfuscated paths indicating potential exploitation attempts. | 2026-03-03 06:11:41 | 95.0% | Critical |
| 158.158.41.149 | IP | akamai.darcherif.fr | All 115 requests from this IP address were detected as threats, accessing suspicious PHP files commonly associated with web shell activities or malicious scripts. The WAF flagged all accessed paths, and a security rule already triggered an IPBLOCK. | 2026-03-03 03:51:07 | 95.0% | Critical |
| 13.71.189.74 | IP | akamai.darcherif.fr | Repeated attempts to access known web shell paths and vulnerable plugin files. All requests (100%) were detected as threats, flagged by WAF, and the IP was previously denied by an IPBLOCK rule. | 2026-03-02 19:19:26 | 98.0% | Critical |
| 20.220.211.108 | IP | www.darcherif.fr | Accessed multiple suspicious paths commonly associated with vulnerability scanning or exploitation attempts on a WordPress site (e.g., classwithtostring.php, wp-content/1.php, sf.php). | 2026-03-02 14:58:10 | 90.0% | Critical |
| 20.104.206.150 | IP | akamai.darcherif.fr | All 41 requests were detected as threats, all accessed paths were flagged by WAF, and the IP hit a security 'IPBLOCK' deny rule. Paths accessed are indicative of WordPress exploitation attempts. | 2026-03-02 11:47:24 | 100.0% | Critical |
| 2.58.56.62 | IP | akamai.darcherif.fr | This IP is identified as a bot impersonator actively scanning for WordPress vulnerabilities (wlwmanifest.xml). It has a high percentage of threat-detected requests (14 out of 31) and was previously denied by an IP block rule (IPBLOCK-BURST4-318403). | 2026-03-02 10:36:52 | 95.0% | Critical |
| 75.245.42.183 | IP | akamai.darcherif.fr | Multiple WAF flags on accessed paths, 6 out of 19 requests detected as threats, and triggered an IPBLOCK-BURST4 security rule indicating automated malicious activity or scanning attempts. | 2026-03-02 07:45:20 | 95.0% | Critical |
| 34.118.53.115 | IP | www.darcherif.fr | WAF flagged path 'akam/13/pixel_45aa0933' and triggered security alert 3910002. Detected 1 threat request. | 2026-03-02 05:34:51 | 95.0% | Critical |
| 45.156.87.52 | IP | www.darcherif.fr | Accessing sensitive WordPress paths like '/wp-json/wp/v2/users' and '/wp-login.php' suggests user enumeration and brute-force attempts. | 2026-03-02 05:34:51 | 85.0% | Critical |
| 20.219.132.149 | IP | www.darcherif.fr | This IP is actively accessing multiple highly suspicious PHP file names and WordPress-related paths commonly associated with web shells, backdoors, or vulnerability scanning attempts (e.g., 'ms.php', 'wp-access.php', 'yas.php', 'vx.php'). This pattern indicates potential malicious activity despite no explicit WAF flags. | 2026-03-01 21:03:04 | 85.0% | Critical |
| 104.28.246.113 | IP | akamai.darcherif.fr | This IP address is associated with highly suspicious activity, including requests to common web shell paths and 100% detected threat requests. WAF rules actively denied its traffic. | 2026-03-01 17:12:07 | 100.0% | Critical |
| 2a09:bac5:952b:1cd2::2df:73 | IP | akamai.darcherif.fr | This IPv6 address exhibits highly malicious behavior, accessing numerous suspicious PHP paths indicative of web shell activity or exploitation attempts. All requests were flagged as threats and actively denied by WAF rules, suggesting an ongoing attack, likely from the same source as 104.28.246.113. | 2026-03-01 17:12:07 | 100.0% | Critical |
| 141.98.11.209 | IP | www.darcherif.fr | High volume of detected threat requests targeting wp-login.php, flagged by WAF and triggered security alerts, indicative of a brute-force or credential stuffing attack. | 2026-03-01 15:41:18 | 100.0% | Critical |
| 40.85.219.62 | IP | www.darcherif.fr | Accessed multiple suspicious web application paths (e.g., PHP backdoors, WordPress exploit attempts) on www.darcherif.fr, indicating potential reconnaissance or compromise attempts. | 2026-03-01 11:00:29 | 90.0% | Critical |
| 45.141.233.210 | IP | www.darcherif.fr | Suspicious activity detected: attempted access to 'wp-login.php' which was flagged by WAF, a high proportion of threat requests (4 out of 7 total), and a security alert hit. This pattern suggests an attempted brute-force or credential stuffing attack. | 2026-03-01 08:07:54 | 95.0% | Critical |
| 169.150.203.202 | IP | akamai.darcherif.fr | Highly malicious activity detected: numerous WAF flags for WordPress enumeration attempts ('wlwmanifest.xml'), a very high number of detected threat requests (102 vs 31 total requests), multiple security alerts including 'BOT-BROWSER-IMPERSONATOR', and a 'deny' rule hit ('IPBLOCK-BURST4-318403'). This indicates a sophisticated automated attack or bot activity. | 2026-03-01 08:07:54 | 98.0% | Critical |
| 20.151.2.242 | IP | akamai.darcherif.fr | All 143 requests detected as threats, accessing highly suspicious PHP files indicative of webshells or malicious scripts, and previously denied by an IPBLOCK security rule. This indicates active, severe malicious intent. | 2026-03-01 05:47:09 | 98.0% | Critical |
| 144.217.135.195 | IP | www.darcherif.fr | A high percentage of requests (24/27) were flagged by WAF and detected as threats (rule 3991017), including access to suspicious obfuscated paths. | 2026-03-01 01:16:18 | 95.0% | Critical |
| 74.7.244.27 | IP | www.darcherif.fr | All requests (5/5) were flagged by WAF and detected as threats (rule 3991023), indicating highly malicious activity. | 2026-03-01 01:16:18 | 95.0% | Critical |
| 216.73.216.189 | IP | www.darcherif.fr | A significant portion of requests (4/6) were detected as threats by WAF (rule 3991023) and involved access to highly suspicious obfuscated paths. | 2026-03-01 01:16:18 | 90.0% | Critical |
| 144.217.135.151 | IP | www.darcherif.fr | All requests (19/19) were flagged by WAF and detected as threats (rule 3991017), indicating highly malicious activity. | 2026-03-01 01:16:18 | 95.0% | Critical |
| 45.156.129.177 | IP | akamai.darcherif.fr | All 7 requests triggered WAF alerts, targeting common exploitation paths like wp-json, solr, and cgi-bin. This suggests aggressive scanning or attack attempts. | 2026-02-28 20:55:12 | 95.0% | Critical |
| 45.156.129.176 | IP | akamai.darcherif.fr | All 8 requests triggered WAF alerts, targeting sensitive paths like cgi-bin, console, and solr. This indicates malicious scanning or exploitation attempts. | 2026-02-28 20:55:12 | 95.0% | Critical |
| 45.156.129.178 | IP | akamai.darcherif.fr | All 9 requests triggered WAF alerts, indicating malicious activity targeting system files and login interfaces. This points to reconnaissance and potential brute-force attempts. | 2026-02-28 20:55:12 | 95.0% | Critical |
| 64.89.163.10 | IP | www.darcherif.fr | Repeated attempts to access non-standard PHP files (e.g., 'txets.php', 'schallfuns.php') in WordPress core directories, indicative of web shell access attempts or vulnerability scanning. | 2026-02-28 18:43:59 | 95.0% | Critical |
| 51.158.204.94 | IP | www.darcherif.fr | All 18 requests from this IP were detected as threats and denied by WAF (REP_1654536), targeting common WordPress enumeration paths (wlwmanifest.xml). This indicates an active malicious scanning or attack attempt. | 2026-02-28 16:52:27 | 95.0% | Critical |
| 20.151.205.221 | IP | www.darcherif.fr | The IP accessed multiple highly suspicious paths commonly associated with WordPress exploitation attempts and webshells, indicating an active attack. Despite no WAF flags, the path names are strong indicators of malicious intent. | 2026-02-28 13:01:33 | 90.0% | Critical |
| 20.220.232.240 | IP | akamai.darcherif.fr | All 141 requests were flagged as threats and denied by WAF's IPBLOCK rule, accessing multiple suspicious PHP files. Indicates highly malicious activity. | 2026-02-28 07:50:20 | 95.0% | Critical |