734
95.0%
48
IP: 47 TLS: 2 ASN: 1
| Entity | Type | Hostnames | Reason | Blocked At | AI Confidence | AI Details |
|---|---|---|---|---|---|---|
| 20.151.205.221 | IP | www.darcherif.fr | The IP accessed multiple highly suspicious paths commonly associated with WordPress exploitation attempts and webshells, indicating an active attack. Despite no WAF flags, the path names are strong indicators of malicious intent. | 2026-02-28 13:01:33 | 90.0% | Critical |
| 20.220.232.240 | IP | akamai.darcherif.fr | All 141 requests were flagged as threats and denied by WAF's IPBLOCK rule, accessing multiple suspicious PHP files. Indicates highly malicious activity. | 2026-02-28 07:50:20 | 95.0% | Critical |
| 69.234.95.143 | IP | akamai.darcherif.fr | Detected threat requests account for 43% of total requests and WAF denied with an IPBLOCK-BURST rule, indicating a malicious burst or automated attack. | 2026-02-28 07:50:20 | 85.0% | Critical |
| 149.102.230.117 | IP | akamai.darcherif.fr akamai.darcherif.fr:80 | All 8 requests from this IP were flagged as detected threats, triggering WAF alert rule 3990001. This indicates highly malicious activity. | 2026-02-28 07:19:55 | 95.0% | Critical |
| 2a09:bac1:76c0:780::5e:41 | IP | akamai.darcherif.fr | 100% of requests are threats, targeting suspicious PHP files, and was already denied by a WAF IP blocking rule (IPBLOCK-BURST4-318403). | 2026-02-28 02:38:55 | 98.0% | Critical |
| 104.28.214.114 | IP | akamai.darcherif.fr | Multiple suspicious PHP file access attempts, 100% of requests flagged by WAF, indicating web shell or backdoor activity. | 2026-02-28 02:38:55 | 95.0% | Critical |
| 20.151.107.14 | IP | - | Exhibits highly suspicious behavior by attempting to access numerous sensitive paths and common exploit targets, indicative of malicious reconnaissance or attack attempts (e.g., 'cgi-bin/', 'wp-content/plugins/WordPressCore/', 'wp-trackback.php'). | 2026-02-27 22:48:10 | 95.0% | Critical |
| 176.65.132.19 | IP | www.darcherif.fr | Multiple requests to wp-login.php flagged by WAF and security rule alerts indicate potential brute-force or credential stuffing attempt. | 2026-02-27 22:07:52 | 95.0% | Critical |
| 3%7eac3fac91d0eea84d | TLS | www.darcherif.fr akamai.darcherif.fr | High percentage of detected threat requests (66%), WAF flags on security.txt paths, and detection as a 'BOT-BROWSER-IMPERSONATOR' from a suspicious geography (RU). | 2026-02-27 19:17:19 | 95.0% | Critical |
| 104.220.83.18 | IP | akamai.darcherif.fr | IP address triggered multiple WAF alerts, detected 3 threat requests out of 19, and was explicitly blocked by WAF rule 'IPBLOCK-BURST4-318403' for burst activity. Suspicious paths 'akam/13/pixel_200ee588' were flagged. | 2026-02-27 08:45:16 | 95.0% | Critical |
| 172.245.155.97 | IP | www.darcherif.fr | Observed multiple severe web attack attempts, including SQL injection and directory traversal, flagged by WAF and security rules. Identified as a bot browser impersonator and already in a penalty box status. | 2026-02-27 07:14:53 | 98.0% | Critical |
| 20.104.124.39 | IP | akamai.darcherif.fr | All 151 requests were flagged by WAF for suspicious paths indicating active compromise attempts or vulnerability scanning, and the IP was already denied by a security rule. | 2026-02-27 03:14:05 | 99.0% | Critical |
| 35.212.235.164 | IP | www.darcherif.fr | Access to highly suspicious, long, and obfuscated path ('x8U4ppL5uvXI_/sYO8bI0q/J7lP70/Nia3SmzY3i9z2S/TgxyDCYfAw/P1wCfA/MqRHQB') indicative of reconnaissance or an exploit attempt. | 2026-02-26 23:02:36 | 90.0% | Critical |
| 34.187.164.65 | IP | akamai.darcherif.fr | Confirmed malicious activity including WAF denial, multiple security rule hits (including bot detection), and scanning for WordPress vulnerabilities (wlwmanifest.xml). | 2026-02-26 22:32:20 | 95.0% | Critical |
| 158.94.208.134 | IP | www.darcherif.fr | High number of threat requests (81%) targeting wp-login.php, indicating brute-force or credential stuffing attempt. WAF triggered alerts. | 2026-02-26 22:32:20 | 90.0% | Critical |
| 143.198.86.151 | IP | akamai.darcherif.fr | High number of detected threat requests (34), multiple paths flagged by WAF, and security rule hits for bot impersonation (BOT-BROWSER-IMPERSONATOR) and various alerts (3904003, 3904013, 3904020, 3904052, 3904053) indicate active malicious activity. | 2026-02-26 18:21:13 | 100.0% | Critical |
| 20.151.224.126 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, flagged by WAF, and explicitly denied by an IPBLOCK rule. Accessed paths indicate potential web shell activity or compromise attempts. | 2026-02-26 15:30:27 | 100.0% | Critical |
| 20.63.98.207 | IP | akamai.darcherif.fr | Attempted to access multiple suspicious .php files indicative of web shell activity, 100% of requests were flagged by WAF and explicitly denied by IPBLOCK rule. | 2026-02-26 11:09:19 | 100.0% | Critical |
| 172.56.209.134 | IP | - | Multiple security alerts detected, including WAF flags for 'akam/13/pixel_c4e2ce', two detected threat requests, and hits on security rules '3910002' and '3910006'. AI analysis indicates medium severity. | 2026-02-26 09:27:44 | 70.0% | Medium |
| 45.156.128.58 | IP | akamai.darcherif.fr | All requests flagged by WAF with a security alert, indicating malicious scanning or bot activity. | 2026-02-26 06:25:47 | 90.0% | Medium |
| 104.28.214.54 | IP | akamai.darcherif.fr | All requests detected as threats, accessing suspicious PHP files indicative of web shell activity. | 2026-02-26 06:25:46 | 95.0% | Critical |
| 104.28.246.54 | IP | akamai.darcherif.fr | All requests detected as threats, WAF rules explicitly denied activity, and attempts to access suspicious PHP files and admin paths. | 2026-02-26 06:25:46 | 98.0% | Critical |
| 2001:bc8:1f90:21:da5e:d3ff:fe6c:80eb | IP | www.darcherif.fr | Accessed a highly suspicious and obfuscated path 'x8U4ppL5uvXI_/sYO8bI0q/J7lP70/Nia3SmzY3i9z2S/TgxyDCYfAw/P1wCfA/MqRHQB' indicative of potential web shell activity or command and control communication. | 2026-02-26 04:35:18 | 90.0% | Critical |
| 195.154.173.217 | IP | www.darcherif.fr | All requests were detected as threats, targeting WordPress enumeration paths, and denied by WAF rule REP_1654536. | 2026-02-26 01:54:37 | 100.0% | Critical |
| 4.204.200.32 | IP | akamai.darcherif.fr | All requests detected as threats, all accessed paths flagged by WAF, and security rules explicitly denied with an IPBLOCK. Indicates highly malicious activity or exploitation attempts. | 2026-02-25 22:13:42 | 99.0% | Critical |
| 34.69.56.249 | IP | akamai.darcherif.fr | Highly suspicious activity including extensive 'wlwmanifest.xml' scanning, numerous WAF flags, 'BOT-BROWSER-IMPERSONATOR' alerts, and an IP burst block. Indicates active reconnaissance or automated attack. | 2026-02-25 18:42:51 | 99.0% | Critical |
| 40.80.89.74 | IP | www.darcherif.fr | Accessed highly suspicious and non-standard PHP files (e.g., 'alfa-rex1.php', 'spip.php', 'root.php', 'wp-admin.php') indicative of reconnaissance or exploitation attempts. This pattern suggests malicious probing. | 2026-02-25 13:30:55 | 95.0% | Critical |
| AS201814 | ASN | www.darcherif.fr akamai.darcherif.fr | Extremely high number of detected threat requests (68 out of 74 total) from this ASN, targeting critical paths like 'wp-login.php' and '.git/HEAD', and triggering multiple WAF alerts ('3900998', '3990001'). Indicates widespread malicious activity. | 2026-02-25 13:20:45 | 98.0% | Critical |
| 109.205.211.39 | IP | www.darcherif.fr | Highly suspicious IP with 26 out of 29 requests flagged as threats, specifically targeting 'wp-login.php' and triggering WAF rule '3900998', indicating brute-force or credential stuffing attempts. | 2026-02-25 13:20:45 | 95.0% | Critical |
| 34.182.92.11 | IP | akamai.darcherif.fr | Repeated access attempts to WordPress configuration files (wlwmanifest.xml) across multiple paths, all flagged by WAF and multiple security rules hit, including BOT-BROWSER-IMPERSONATOR. This indicates bot scanning for vulnerabilities. | 2026-02-25 12:30:00 | 95.0% | Critical |
| 2001:41d0:303:5899::1 | IP | www.darcherif.fr | All requests were flagged by WAF and detected as threats, hitting security rule 3991006, indicating malicious activity like SQL injection attempts. | 2026-02-25 08:08:08 | 95.0% | Critical |
| 85.11.167.79 | IP | www.darcherif.fr | Multiple detected threat requests, WAF flagged 'wp-login.php' access, and a security alert (3900998) was triggered. This indicates a high probability of attempted unauthorized access or brute-force attack. | 2026-02-25 04:37:18 | 95.0% | Critical |
| 35.175.103.28 | IP | akamai.darcherif.fr | All requests were flagged by WAF, detected as threats, and an IPBLOCK security rule was hit. | 2026-02-24 23:35:55 | 100.0% | Critical |
| 194.26.192.238 | IP | www.darcherif.fr | Highly suspicious access patterns to common WordPress directories with unusual PHP filenames (e.g., 'txets.php', 'schallfuns.php'), indicating potential backdoor attempts or vulnerability exploitation. | 2026-02-24 18:34:35 | 95.0% | Critical |
| 104.28.246.116 | IP | akamai.darcherif.fr | All requests to suspicious paths flagged by WAF, indicating potential web shell or backdoor activity. | 2026-02-24 16:53:03 | 95.0% | Critical |
| 2a09:bac5:952b:3af::5e:3b | IP | akamai.darcherif.fr | All requests to highly suspicious paths flagged by WAF and triggered deny rules, indicating active malicious exploit attempts. | 2026-02-24 16:53:03 | 98.0% | Critical |
| 205.169.39.24 | IP | akamai.darcherif.fr | This IP address exhibited highly suspicious behavior, including 5 detected threat requests out of 19 total requests, multiple paths flagged by WAF, and being explicitly denied by the 'IPBLOCK-BURST4-318403' security rule. These indicators suggest active malicious activity or a concerted attack. | 2026-02-24 10:20:58 | 100.0% | Critical |
| 34.138.168.131 | IP | akamai.darcherif.fr | Repeated scanning attempts for WordPress vulnerabilities across multiple paths, detected bot browser impersonation, and multiple WAF rules triggered including a burst-based IP block. High ratio of detected threat requests (104) compared to total requests (32). | 2026-02-24 10:00:45 | 95.0% | Critical |
| 18.237.91.58 | IP | - | Detected highly suspicious and obfuscated paths consistent with attempted exploits or reconnaissance. AI also flagged as medium severity, but the path patterns warrant immediate blocking. | 2026-02-24 08:20:04 | 95.0% | Critical |
| 195.178.110.242 | IP | akamai.darcherif.fr | High number of detected threat requests, all accessed paths flagged by WAF, and hits on security rules including bot impersonation. | 2026-02-24 08:09:50 | 95.0% | Critical |
| 45.141.233.196 | IP | www.darcherif.fr | High number of detected threat requests (41/44) targeting wp-login.php, flagged by WAF with an alert, indicating a likely brute-force or credential stuffing attack. | 2026-02-24 03:38:44 | 95.0% | Critical |
| 51.107.182.56 | IP | akamai.darcherif.fr | All requests (81/81) were detected as threats, all paths were flagged by WAF, and an 'IPBLOCK' deny rule was triggered, indicating active malicious exploitation attempts. | 2026-02-24 03:38:44 | 99.0% | Critical |
| 20.78.146.86 | IP | www.darcherif.fr | Accessed suspicious PHP files and WordPress plugin directories commonly used in exploit attempts and reconnaissance, indicating malicious intent despite no direct WAF hits. | 2026-02-23 21:37:08 | 80.0% | Critical |
| 20.89.58.48 | IP | akamai.darcherif.fr | Engaged in highly malicious activity, with all accessed paths flagged by WAF, numerous detected threat requests, and triggered WAF deny rules including IP blocking and bot impersonation. | 2026-02-23 21:37:08 | 100.0% | Critical |
| 20.100.195.34 | IP | akamai.darcherif.fr | Engaged in highly suspicious activity, attempting to access multiple potentially vulnerable PHP files. All requests were flagged as threats by the WAF and subsequently denied by an IP block rule. | 2026-02-23 13:55:06 | 100.0% | Critical |
| 3%7eeebdc6ca9733c8c8 | TLS | www.darcherif.fr akamai.darcherif.fr | TLS certificate associated with numerous WAF-flagged paths, including '.git/', indicating potential source code exposure attempts. High number of detected threat requests (43 vs 19 total requests) and hits on critical security rules such as 'SQL-INJECTION-ANOMALY' and 'IPBLOCK-PENALTY-BOX'. | 2026-02-23 09:32:31 | 95.0% | Critical |
| 199.127.56.236 | IP | - | WAF flagged suspicious 'akam' path, security rule 3910001 triggered, and accessed a highly obfuscated/suspicious path. Clear indicators of malicious activity. | 2026-02-23 09:02:14 | 95.0% | Critical |
| 2a09:bac5:cad2:1541::21e:163 | IP | akamai.darcherif.fr | All requests flagged by WAF as threats, indicating active malicious activity likely web shell or backdoor attempts. | 2026-02-23 08:51:55 | 95.0% | Critical |
| 104.210.140.137 | IP | www.darcherif.fr | All requests detected as threats; WAF flagged suspicious access to robots.txt; Security rule 3991023 hit. | 2026-02-23 05:40:19 | 95.0% | Critical |
| 89.187.187.74 | IP | akamai.darcherif.fr | Engaged in extensive WordPress vulnerability scanning attempts (wlwmanifest.xml), triggered multiple WAF flags, identified as a bot impersonator, and was explicitly denied by security rules (IPBLOCK-BURST4). | 2026-02-23 04:19:57 | 99.0% | Critical |