737
95.0%
47
IP: 48 TLS: 1 ASN: 1
| Entity | Type | Hostnames | Reason | Blocked At | AI Confidence | AI Details |
|---|---|---|---|---|---|---|
| 2a09:bac5:cad2:1541::21e:163 | IP | akamai.darcherif.fr | All requests flagged by WAF as threats, indicating active malicious activity likely web shell or backdoor attempts. | 2026-02-23 08:51:55 | 95.0% | Critical |
| 104.210.140.137 | IP | www.darcherif.fr | All requests detected as threats; WAF flagged suspicious access to robots.txt; Security rule 3991023 hit. | 2026-02-23 05:40:19 | 95.0% | Critical |
| 89.187.187.74 | IP | akamai.darcherif.fr | Engaged in extensive WordPress vulnerability scanning attempts (wlwmanifest.xml), triggered multiple WAF flags, identified as a bot impersonator, and was explicitly denied by security rules (IPBLOCK-BURST4). | 2026-02-23 04:19:57 | 99.0% | Critical |
| 68.221.129.30 | IP | akamai.darcherif.fr | All 92 requests from this IP were flagged by WAF as threats and hit an IPBLOCK deny rule. The accessed paths indicate potential web shell activity or vulnerability scanning. | 2026-02-23 02:49:28 | 98.0% | Critical |
| 20.89.40.149 | IP | - | Engaging in highly suspicious reconnaissance and potential exploitation attempts, indicated by requests to non-standard PHP files (e.g., 'ioxi-o.php', 'chosen.php', 'sf.php'), probe for 'cgi-bin/', and unusual plugin directory access ('wp-content/plugins/WordPressCore/'). Matches previous medium severity AI assessment. | 2026-02-22 23:28:45 | 95.0% | Critical |
| 104.46.226.22 | IP | akamai.darcherif.fr | 100% of requests are flagged as threats and hit an IPBLOCK rule. All accessed paths are suspicious and flagged by WAF. | 2026-02-22 22:18:19 | 100.0% | Critical |
| 172.213.17.83 | IP | akamai.darcherif.fr | Extremely high number of detected threat requests (766 detected threats for 176 requests), multiple WAF alerts, IPBLOCK rule hit, and identified as a bot impersonator. All accessed paths are suspicious and flagged by WAF. | 2026-02-22 22:18:19 | 100.0% | Critical |
| 52.141.18.191 | IP | www.darcherif.fr | Attempted access to common exploit paths and directories (e.g., cgi-bin/, suspicious PHP files like ioxi-o.php, chosen.php, sf.php, and non-existent WordPress plugin paths), indicating vulnerability scanning or exploitation attempts. | 2026-02-22 08:02:19 | 95.0% | Critical |
| 47.128.35.25 | IP | www.darcherif.fr | All requests (9 out of 9) were flagged by the WAF and detected as threats (WAF rule 3991023 alerted), indicating highly suspicious or malicious automated activity. | 2026-02-22 05:11:32 | 95.0% | Critical |
| 216.73.216.154 | IP | www.darcherif.fr | Accessed highly suspicious and obfuscated paths, triggered WAF alerts, and has a high ratio of detected threat requests, indicating potential malicious probing or exploitation attempts. | 2026-02-21 22:49:54 | 95.0% | Critical |
| 2a10:3c0:101:0:1:42:0:5 | IP | akamai.darcherif.fr | All accessed paths were flagged by WAF, an extremely high number of detected threat requests (more than total requests), and multiple WAF alerts including 'BOT-BROWSER-IMPERSONATOR', strongly indicating malicious bot activity or attempted exploitation. | 2026-02-21 22:49:54 | 98.0% | Critical |
| 66.249.66.12 | IP | www.darcherif.fr | All requests (10 out of 10) were detected as threats, flagged by WAF, and triggered a security alert (3991006). This indicates active malicious activity. | 2026-02-21 17:18:25 | 100.0% | Critical |
| 34.173.96.22 | IP | akamai.darcherif.fr | Multiple WAF alerts, including 'BOT-BROWSER-IMPERSONATOR', and denial rules ('IPBLOCK-BURST4') triggered. Repeated attempts to access 'wlwmanifest.xml' paths indicate automated enumeration or scanning activity. | 2026-02-21 16:37:47 | 98.0% | Critical |
| 40.69.66.178 | IP | akamai.darcherif.fr | All requests were flagged by WAF and hit 'IPBLOCK' security rule, attempting access to known malicious paths like 'admin.php' and 'wp_filemanager.php'. | 2026-02-21 16:27:40 | 100.0% | Critical |
| 2a10:3c0:101:0:1:12:0:5 | IP | - | All requests flagged by WAF and detected as threats. High confidence in malicious activity requiring immediate blocking. | 2026-02-21 14:16:53 | 95.0% | Critical |
| 170.64.198.170 | IP | akamai.darcherif.fr | Multiple high-severity WAF rule hits including command injection, LFI, and attempts to access sensitive configuration files like .env and .git/config, indicative of active exploitation attempts. | 2026-02-21 14:06:35 | 98.0% | Critical |
| 20.187.125.76 | IP | akamai.darcherif.fr | All requests (100%) were detected as threats, flagged by WAF, and denied by an IPBLOCK rule. Accessed suspicious PHP paths indicative of web shell or vulnerability scanning attempts. | 2026-02-21 12:55:37 | 100.0% | Critical |
| 172.232.36.208 | IP | akamai.darcherif.fr www.darcherif.fr | Multiple severe security rule violations including SQL Injection attempts, accessing sensitive .git directory, and triggering IPBLOCK-PENALTY-BOX rule. | 2026-02-21 12:35:31 | 95.0% | Critical |
| 20.53.240.38 | IP | www.darcherif.fr | Suspicious file access patterns indicative of web shell activity or server compromise. Observed access to generic .php files like 'file.php', 'file2.php', 'doc.php', 'k.php', and 'admin.php' within wp-content and uploads directories, which are common indicators of malicious activity. | 2026-02-21 12:15:24 | 90.0% | Critical |
| 70.123.97.128 | IP | akamai.darcherif.fr | IP triggered WAF deny rule 'IPBLOCK-BURST4-318403' and made 6 threat-detected requests out of 19 total, indicating automated or malicious activity. | 2026-02-21 06:24:10 | 95.0% | Critical |
| 20.214.159.60 | IP | www.darcherif.fr | Multiple suspicious paths accessed consistent with web application scanning and exploitation attempts (e.g., ioxi-o.php, wp-content/plugins/WordPressCore/, sf.php, wp-trackback.php, cgi-bin/). | 2026-02-21 01:33:21 | 90.0% | Critical |
| 207.46.13.18 | IP | www.darcherif.fr | All requests flagged as threats by WAF (Rule 3991006). High likelihood of reconnaissance or automated attack due to 100% threat rate. | 2026-02-20 20:52:23 | 90.0% | Medium |
| 207.46.13.168 | IP | www.darcherif.fr | Multiple WAF alerts (Rule 3991006) and access to a highly suspicious, obfuscated path. High ratio of detected threat requests (7 out of 8). | 2026-02-20 20:52:23 | 95.0% | Critical |
| 35.245.125.98 | IP | akamai.darcherif.fr | Engaging in widespread WordPress vulnerability scanning attempts (wlwmanifest.xml), flagged by WAF on multiple paths, detected as a bot browser impersonator, and has already triggered an IPBLOCK deny rule. A disproportionately high number of threat requests were detected. | 2026-02-20 17:01:21 | 95.0% | Critical |
| 3%7ef4680262e7deb748 | TLS | akamai.darcherif.fr www.darcherif.fr | Multiple WAF rule hits indicating SQL injection attempts, access to sensitive paths (.git/), and triggering of IP blocking penalties. | 2026-02-20 11:50:14 | 100.0% | Critical |
| 2001:861:5860:e460:3c39:ee45:8634:30ee | IP | akamai.darcherif.fr | The IP attempted SQL injection, accessed sensitive .git paths, triggered multiple security alerts, and is in an IP block penalty box. A high ratio of threat requests to total requests indicates malicious activity. | 2026-02-20 11:40:08 | 100.0% | Critical |
| 170.64.40.138 | IP | akamai.darcherif.fr | IP triggered a deny rule (IPBLOCK-BURST4-318403) and had multiple detected threat requests flagged by WAF, indicating malicious activity. | 2026-02-20 06:59:16 | 95.0% | Critical |
| AS23470 | ASN | akamai.darcherif.fr | High volume of detected threat requests (456), multiple WAF rule hits including bot impersonation and suspicious path access patterns, indicating automated malicious activity. | 2026-02-20 06:39:10 | 90.0% | Critical |
| 103.195.100.207 | IP | akamai.darcherif.fr | This IP exhibits highly malicious behavior with a high number of detected threat requests (61 out of 8 total), numerous WAF rule hits including 'BOT-BROWSER-IMPERSONATOR', and repeated attempts to access common WordPress exploitation paths. | 2026-02-20 05:59:01 | 95.0% | Critical |
| 146.70.59.42 | IP | akamai.darcherif.fr | IP blocked by WAF rule 'IPBLOCK-BURST4-318403' due to burst activity, with 35% of total requests detected as threats and multiple paths flagged. | 2026-02-20 04:48:46 | 95.0% | Critical |
| 179.43.159.170 | IP | www.darcherif.fr | Repeated access to wp-login.php, indicative of a brute-force or credential stuffing attempt. | 2026-02-20 03:58:35 | 80.0% | Medium |
| 2409:8a34:4071:5b10:a00:27ff:fea2:560b | IP | www.darcherif.fr | Detected multiple threat requests and accessed highly suspicious, obfuscated paths indicating potential exploitation or attack attempts from a Chinese IP address. Security rules were triggered. | 2026-02-19 20:17:11 | 95.0% | Critical |
| 20.205.120.43 | IP | www.darcherif.fr | Multiple highly suspicious path accesses, including `wp-content/cong.php` (likely a typo for config.php probe) and an unusual `.well-known/classwithtostring.php`, indicative of WordPress vulnerability scanning and exploitation attempts. | 2026-02-19 19:16:55 | 90.0% | Critical |
| 20.24.197.43 | IP | www.darcherif.fr | Detected access to known malicious web shell pattern 'ioxi-o.php' and suspicious 'wp-content/plugins/WordPressCore/' path, indicating potential exploitation attempts or reconnaissance. | 2026-02-19 17:16:27 | 90.0% | Critical |
| 74.7.241.43 | IP | www.darcherif.fr | Almost all requests (45 out of 46) from this IP were flagged as threats by the WAF, indicating highly malicious activity. | 2026-02-19 13:05:31 | 98.0% | Critical |
| 45.149.173.195 | IP | akamai.darcherif.fr | IP engaged in extensive WordPress vulnerability scanning targeting 'wlwmanifest.xml', flagged by WAF as a 'BOT-BROWSER-IMPERSONATOR', and previously denied by burst IP blocking rules. High number of detected threat requests. | 2026-02-19 08:14:39 | 95.0% | Critical |
| 130.12.180.90 | IP | www.darcherif.fr | Repeated suspicious access to wp-login.php flagged by WAF and triggered security alerts, indicating potential brute-force or credential stuffing attack. | 2026-02-19 07:34:29 | 90.0% | Critical |
| 99.24.217.1 | IP | akamai.darcherif.fr | The WAF already denied requests from this IP due to a 'burst' rule (IPBLOCK-BURST4-318403), indicating automated, excessive activity. This behavior is consistent with bots or scrapers and warrants continued blocking. | 2026-02-19 07:24:23 | 80.0% | Medium |
| 66.249.66.45 | IP | www.darcherif.fr | All requests from this IP address triggered WAF alerts (rule 3991006) on WordPress core and plugin files, similar to 66.249.66.161. This indicates a high probability of malicious scanning or attempted exploitation. | 2026-02-19 07:24:23 | 95.0% | Critical |
| 66.249.66.161 | IP | www.darcherif.fr | All requests from this IP address triggered WAF alerts (rule 3991006) on WordPress core and theme files. This indicates a high probability of malicious scanning or attempted exploitation. | 2026-02-19 07:24:23 | 95.0% | Critical |
| 158.158.51.6 | IP | akamai.darcherif.fr | All 20 requests from this IP address were flagged by the WAF as threats, including attempts to access sensitive WordPress configuration files and known vulnerable plugin paths, indicating a clear malicious intent and active attack. | 2026-02-19 03:33:25 | 99.0% | Critical |
| 192.161.169.184 | IP | akamai.darcherif.fr | IP was blocked by WAF rule 'IPBLOCK-BURST4-318403' indicating burst activity and a detected threat request. | 2026-02-19 00:22:54 | 90.0% | Critical |
| 40.115.138.121 | IP | www.darcherif.fr | Accessed multiple highly suspicious PHP paths commonly associated with web shell uploads or compromise attempts (e.g., hehe.php, wp-content/cong.php, alfa-rex.php, admin/function.php). | 2026-02-18 12:20:45 | 90.0% | Critical |
| 72.226.126.223 | IP | akamai.darcherif.fr | IP address triggered WAF deny rule 'IPBLOCK-BURST4-318403' and registered a detected threat request. | 2026-02-18 08:20:01 | 95.0% | Critical |
| 93.123.109.214 | IP | akamai.darcherif.fr | Multiple attempts to access sensitive configuration files (.aws/credentials, .env, .git/config), detected Local File Inclusion (LFI) anomaly, and numerous WAF alerts for web attacks and bot impersonation. | 2026-02-18 02:29:04 | 95.0% | Critical |
| 36.81.233.175 | IP | akamai.darcherif.fr | Repeated attempts to access sensitive system files (.aws/credentials, .env/.env.bak, phpinfo) and exploitation attempts via Local File Inclusion (LFI) anomaly. All requests were flagged by WAF and multiple critical security rules were triggered, indicating malicious reconnaissance and attack. | 2026-02-18 01:28:49 | 100.0% | Critical |
| 74.248.34.156 | IP | akamai.darcherif.fr | All requests (43/43) from this IP were flagged by WAF and triggered security rules (IPBLOCK), indicating highly malicious activity such as web shell or exploit attempts targeting various PHP files. | 2026-02-17 21:17:59 | 98.0% | Critical |
| 20.219.8.79 | IP | www.darcherif.fr | Repeated access to highly suspicious PHP file names and paths (e.g., wxo.php, hehe.php, alfa-rex.php, wp-includes/*.php) commonly associated with web shell uploads, exploitation attempts, or compromised systems. | 2026-02-17 13:16:33 | 90.0% | Critical |
| 104.28.246.114 | IP | akamai.darcherif.fr | All requests detected as threats and flagged by WAF, indicating a high-confidence attack attempting to exploit common web vulnerabilities. | 2026-02-17 13:06:28 | 95.0% | Critical |
| 2a09:bac5:9529:3af::5e:28 | IP | akamai.darcherif.fr | All requests detected as threats and flagged by WAF, indicating a high-confidence attack attempting to exploit common web vulnerabilities. | 2026-02-17 13:06:28 | 95.0% | Critical |