739
99.0%
50
IP: 47 ASN: 2 TLS: 1
| Entity | Type | Hostnames | Reason | Blocked At | AI Confidence | AI Details |
|---|---|---|---|---|---|---|
| 185.117.225.97 | IP | akamai.darcherif.fr | Extremely high percentage of detected threat requests (96%), numerous WAF flagged paths, and multiple security alerts (3990001, 3990004, 3990011) indicative of severe malicious probing. Its associated ASN (AS14618) has other IPs blocklisted for identical critical malicious activity. | 2026-02-11 05:39:10 | 100.0% | Critical |
| 2.58.56.55 | IP | www.darcherif.fr | IP accessed highly suspicious web shell paths ending in '.php.suspected', strongly indicating web shell upload or exploitation attempts. This is critical malicious probing. | 2026-02-10 23:58:52 | 95.0% | Critical |
| 20.19.120.248 | IP | www.darcherif.fr | IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity. The accessed paths (e.g., system.php, functions.php, info.php, wp-admin/includes/) are suspicious and consistent with reconnaissance and exploitation attempts observed from other blocklisted IPs from this ASN, warranting immediate blocking. | 2026-02-10 20:08:41 | 100.0% | Critical |
| 74.248.130.28 | IP | www.darcherif.fr | IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity, and is actively probing highly suspicious PHP files and WordPress admin paths, consistent with reconnaissance and exploitation attempts observed from other blocklisted IPs from this ASN. | 2026-02-10 19:18:37 | 100.0% | Critical |
| 74.7.227.185 | IP | www.darcherif.fr | Extremely high ratio of detected threat requests (75 out of 76), all accessed paths flagged by WAF, and its associated ASN AS8075 is already blocklisted for persistent malicious activity and identical attack patterns. | 2026-02-10 16:18:16 | 100.0% | Critical |
| 2600:4041:58f4:7200:10b:144d:3ed7:48f0 | IP | akamai.darcherif.fr | Triggered critical WAF deny rule 'IPBLOCK-BURST4-318403' with multiple paths flagged by WAF and a high threat request ratio (6/19), indicating severe malicious probing and automated attacks, consistent with other blocklisted IPs. | 2026-02-10 14:58:21 | 100.0% | Critical |
| 45.74.10.74 | IP | akamai.darcherif.fr | Extremely high ratio of detected threat requests (19 over 10 total requests), multiple accessed paths flagged by WAF, and several critical security alerts including 'BOT-BROWSER-IMPERSONATOR', indicating severe automated malicious probing and exploit attempts. This behavior is consistent with other blocklisted IPs. | 2026-02-10 09:07:52 | 100.0% | Critical |
| 2a09:bac5:cad4:1caa::2db:2a | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, a critical WAF deny rule (IPBLOCK-BURST4-318403) was triggered, and its associated ASN AS13335 is already blocklisted for identical widespread malicious activity. | 2026-02-10 06:17:38 | 100.0% | Critical |
| 104.28.235.57 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and its associated ASN AS13335 is already blocklisted for widespread malicious activity. | 2026-02-10 06:17:38 | 100.0% | Critical |
| 20.46.120.47 | IP | www.darcherif.fr | IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity, including probing suspicious PHP files and WordPress admin paths. Its accessed paths (e.g., system.php, info.php, wp-admin/) are consistent with reconnaissance and exploitation attempts observed from other blocklisted IPs from this ASN, warranting immediate blocking. | 2026-02-10 04:37:57 | 100.0% | Critical |
| 43.157.181.189 | IP | www.darcherif.fr | Associated ASN AS132203 is blocklisted for confirmed persistent malicious activity. | 2026-02-09 22:27:18 | 95.0% | Critical |
| 20.43.35.7 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-content/plugins/hellopress/wp_filemanager.php') were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent and identical malicious activity from multiple other IPs. | 2026-02-09 21:27:05 | 100.0% | Critical |
| 172.59.76.191 | IP | akamai.darcherif.fr | High percentage of detected threat requests (36.8%), multiple WAF flagged paths, and the triggering of critical WAF deny rules (IPBLOCK-BURST4-318403, IPBLOCK-SUMMARY8-318403) indicate active malicious probing and a burst attack. | 2026-02-09 15:56:42 | 100.0% | Critical |
| 104.208.81.121 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-content/plugins/hellopress/wp_filemanager.php') were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent and identical malicious activity from multiple other IPs. | 2026-02-09 08:36:20 | 100.0% | Critical |
| 209.97.162.190 | IP | akamai.darcherif.fr | Extremely high ratio of detected threat requests (95 over 31 requests), all accessed WordPress enumeration paths ('wlwmanifest.xml') flagged by WAF, triggered critical security alerts including 'BOT-BROWSER-IMPERSONATOR', and hit a critical WAF deny rule ('IPBLOCK-BURST4-318403'). Its associated ASN AS14061 is already blocklisted for identical, severe malicious activity from numerous other IPs, confirming a coordinated and persistent threat. | 2026-02-08 11:45:04 | 100.0% | Critical |
| 2a10:3c0:5:1:1:9:0:5 | IP | akamai.darcherif.fr | Extremely high ratio of detected threat requests (90.9%), all non-trivial accessed paths (mcp, sse) flagged by WAF, and triggered security alert '3990001'. This behavior is identical to multiple other blocklisted IPs from the same malicious ASN AS21859, indicating severe automated malicious probing and exploit attempts. | 2026-02-08 11:14:57 | 100.0% | Critical |
| AS21859 | ASN | www.darcherif.fr akamai.darcherif.fr | Extremely high number of detected threat requests (100 over 54 total requests), widespread WAF flags across various paths including 'mcp' and 'sse', and multiple critical security alerts including 'BOT-BROWSER-IMPERSONATOR'. This confirms persistent and severe automated malicious probing and exploit attempts across the ASN. | 2026-02-08 11:14:57 | 100.0% | Critical |
| 20.205.200.255 | IP | www.darcherif.fr | IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity. This IP is actively probing highly suspicious WordPress administration and core file paths, consistent with reconnaissance and exploitation attempts observed from other blocklisted IPs from this ASN, despite no immediate WAF flags. | 2026-02-08 08:34:53 | 100.0% | Critical |
| 3%7eeed460c9d12572ae | TLS | akamai.darcherif.fr | Extremely high number of detected threat events (121 over 20 requests), all accessed paths flagged by WAF, and multiple critical security alerts including 'BOT-BROWSER-IMPERSONATOR', indicating severe automated malicious probing and exploit attempts. | 2026-02-08 01:04:21 | 100.0% | Critical |
| 216.73.216.4 | IP | www.darcherif.fr | High percentage of detected threat requests (66.67%), accessed WAF-flagged paths ('robots.txt'), triggered security alert '3991023', and accessed highly obfuscated suspicious paths. Its associated ASN (AS16509) is already blocklisted for persistent malicious activity, with multiple other IPs from this ASN also blocklisted for identical behavior. | 2026-02-07 22:24:13 | 100.0% | Critical |
| 174.78.6.84 | IP | akamai.darcherif.fr | Triggered a critical WAF deny rule 'IPBLOCK-BURST4-318403', showed a high percentage of detected threat requests (36.8%), and accessed a suspicious obfuscated path ('akam/13/pixel_117686f9'), indicating a burst of malicious probing consistent with other blocklisted entities. | 2026-02-07 17:54:06 | 100.0% | Critical |
| 2a10:3c0:3:0:1:46:0:5 | IP | akamai.darcherif.fr | High percentage of detected threat requests (80%), all non-trivial accessed paths (mcp, sse) flagged by WAF, and triggered security alert '3990001'. This behavior is identical to multiple other blocklisted IPs from the same malicious ASN AS21859, indicating severe automated malicious probing and exploit attempts. | 2026-02-07 17:33:57 | 100.0% | Critical |
| 20.220.144.75 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity, with multiple other IPs from this ASN also blocklisted for identical behavior. | 2026-02-07 16:33:54 | 100.0% | Critical |
| 206.189.87.51 | IP | www.darcherif.fr | IP is performing WordPress brute-force attempts, indicated by access to wp-login.php and WAF alert '3900998'. Its associated ASN AS14061 is already blocklisted for extensive and highly malicious activity including WordPress enumeration and bot impersonation, consistent with this behavior. | 2026-02-07 15:13:48 | 100.0% | Critical |
| 45.149.173.211 | IP | akamai.darcherif.fr | Extremely high number of detected threat requests (89 over 25 requests), all accessed WordPress enumeration paths flagged by WAF, and multiple critical security alerts including 'BOT-BROWSER-IMPERSONATOR'. This IP also triggered a critical WAF deny rule ('IPBLOCK-BURST4-318403'), and its associated ASN AS62240 is already blocklisted for identical, severe malicious activity from other IPs. | 2026-02-07 11:23:36 | 100.0% | Critical |
| 45.156.128.178 | IP | akamai.darcherif.fr | Extremely high ratio of detected threat requests (47 over 7 total requests), all accessed paths flagged by WAF, and multiple critical security alerts including 'BOT-BROWSER-IMPERSONATOR'. Its associated ASN AS211680 is already blocklisted for identical severe malicious activity, indicating a persistent and coordinated threat. | 2026-02-07 09:33:28 | 100.0% | Critical |
| 20.110.243.199 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-content/plugins/hellopress/wp_filemanager.php') were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent and identical malicious activity from multiple other IPs. | 2026-02-07 09:13:31 | 100.0% | Critical |
| 20.187.78.62 | IP | www.darcherif.fr | IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity, including probing suspicious PHP files and WordPress admin paths. While this specific IP has no immediate WAF flags or detected threat requests, its accessed paths (e.g., class-t.api.php, info.php, sf.php) are consistent with the malicious reconnaissance observed from other blocklisted IPs from this ASN. | 2026-02-07 07:53:35 | 95.0% | Critical |
| 24.126.4.95 | IP | akamai.darcherif.fr | IP 24.126.4.95 triggered a critical WAF deny rule ('IPBLOCK-BURST4-318403') and generated multiple WAF alerts, with a high percentage of detected threat requests (~36.8%), indicating a burst of malicious activity consistent with botnet behavior. | 2026-02-06 18:32:38 | 100.0% | Critical |
| 193.143.1.12 | IP | akamai.darcherif.fr | The IP 193.143.1.12 from Russia (RU) shows an extremely high rate of detected threat requests (84 over 21 total), engaged in aggressive WordPress enumeration (targeting 'wlwmanifest.xml', 'xmlrpc.php', 'feed/'), triggered a critical 'BOT-BROWSER-IMPERSONATOR' alert, and hit a critical WAF deny rule ('IPBLOCK-BURST4-318403'). Its associated ASN AS198953 is already blocklisted for identical and persistent malicious activity from multiple other IPs, confirming a severe and coordinated threat. | 2026-02-06 15:12:28 | 100.0% | Critical |
| 52.167.144.171 | IP | www.darcherif.fr | High percentage of detected threat requests (~85.7%), numerous WAF flags including an obfuscated and suspicious path, and its associated ASN (AS8075) is already blocklisted for persistent malicious activity with identical attack patterns. | 2026-02-06 12:42:09 | 100.0% | Critical |
| 52.167.144.187 | IP | www.darcherif.fr | All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991006'. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity with identical attack patterns. | 2026-02-06 12:42:09 | 100.0% | Critical |
| 20.110.170.61 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-content/plugins/hellopress/wp_filemanager.php') were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent and identical malicious activity from multiple other IPs. | 2026-02-06 08:32:03 | 100.0% | Critical |
| 73.98.29.196 | IP | akamai.darcherif.fr | Triggered a critical WAF deny rule 'IPBLOCK-BURST4-318403' indicating a burst of malicious activity, and detected security alert '3910006' for an obfuscated path ('akam/13/pixel_6600b21e'), consistent with other blocklisted entities showing severe malicious probing. | 2026-02-05 19:21:17 | 100.0% | Critical |
| 167.172.232.142 | IP | akamai.darcherif.fr | Aggressive reconnaissance for sensitive files and API documentation, all requests flagged by WAF, extremely high threat request ratio (63 over 35 requests), and triggered critical deny rules (LFI-ANOMALY, IPBLOCK-PENALTY-BOX). Associated ASN AS14061 is blocklisted for identical malicious activity. | 2026-02-05 12:40:35 | 100.0% | Critical |
| 142.93.0.66 | IP | akamai.darcherif.fr | Aggressive reconnaissance for sensitive files and API documentation, all requests flagged by WAF, extremely high threat request ratio (62 over 35 requests), and triggered critical deny rules (LFI-ANOMALY, IPBLOCK-PENALTY-BOX). Associated ASN AS14061 is blocklisted for identical malicious activity. | 2026-02-05 12:40:35 | 100.0% | Critical |
| 45.148.10.154 | IP | akamai.darcherif.fr | Extremely high ratio of detected threat requests (111 over 14 requests), all accessed sensitive version control system files (.svn, .git) were flagged by WAF, and multiple critical security alerts including 'BOT-BROWSER-IMPERSONATOR' were triggered. Its associated ASN AS48090 is already blocklisted for persistent and identical severe malicious activity from numerous other IPs. | 2026-02-05 01:59:54 | 100.0% | Critical |
| 66.249.66.202 | IP | www.darcherif.fr | High percentage of detected threat requests (60%), all accessed suspicious paths flagged by WAF, and triggered security alert '3991006'. Its associated ASN (AS15169) is already blocklisted for persistent malicious activity with numerous other IPs from this ASN also blocklisted for identical behavior. | 2026-02-05 01:29:53 | 100.0% | Critical |
| 52.184.97.233 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity, with numerous other IPs from this ASN also blocklisted for identical behavior. | 2026-02-04 23:19:39 | 100.0% | Critical |
| 51.195.103.76 | IP | www.darcherif.fr | All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991006'. Its associated ASN (AS16276) is already blocklisted for persistent malicious activity, with other IPs from this ASN also blocklisted for similar malicious campaigns. | 2026-02-04 18:29:24 | 100.0% | Critical |
| 43.164.195.17 | IP | www.darcherif.fr | High percentage of detected threat requests (40%), all accessed non-empty paths flagged by WAF, and triggered security alert '3900999', consistent with blocklisted ASN AS132203 and other blocklisted IPs exhibiting similar critical malicious activity. | 2026-02-04 16:29:19 | 100.0% | Critical |
| 167.71.198.160 | IP | akamai.darcherif.fr | IP is actively performing WordPress enumeration and bot impersonation, with an extremely high number of detected threat requests (34 over 6 requests) and all accessed paths flagged by WAF. Its associated ASN (AS14061) is already blocklisted for identical highly malicious activity, confirming a coordinated and severe threat. | 2026-02-04 11:58:50 | 100.0% | Critical |
| 20.211.1.249 | IP | www.darcherif.fr | IP belongs to AS8075, which is blocklisted for persistent malicious activity. This IP is actively probing highly suspicious WordPress administration and core file paths (e.g., wp-admin/images/file.php, wp-load.php, chosen.php), consistent with reconnaissance and exploitation attempts, despite no explicit WAF flags for these specific requests. | 2026-02-04 11:48:48 | 98.0% | Critical |
| AS64286 | ASN | www.darcherif.fr | Multiple associated IPs are performing malicious probing by accessing WAF-flagged obfuscated paths and triggering security alert '3910006', indicating widespread malicious activity from this ASN, consistent with other blocklisted ASNs. | 2026-02-04 10:28:43 | 98.0% | Critical |
| 149.57.176.44 | IP | www.darcherif.fr | Accessed a WAF-flagged obfuscated path ("akam/13/pixel_2eb3b2db") and triggered security alert '3910006', a pattern consistent with malicious probing observed from blocklisted IPs from the same ASN (`149.57.191.20`). | 2026-02-04 10:28:43 | 95.0% | Critical |
| 149.57.191.228 | IP | www.darcherif.fr | Accessed a WAF-flagged obfuscated path ("akam/13/pixel_69827dcf") and triggered security alert '3910006', a pattern consistent with malicious probing observed from blocklisted IPs from the same ASN (`149.57.191.20`). | 2026-02-04 10:28:43 | 95.0% | Critical |
| 149.57.191.20 | IP | - | Accessed a WAF-flagged obfuscated path ("akam/13/pixel_2eb3b1d8") and triggered security alert '3910006', a pattern consistent with malicious probing observed from other blocklisted IPs. | 2026-02-04 09:28:40 | 85.0% | Critical |
| 205.169.39.29 | IP | www.darcherif.fr | Accessed a WAF-flagged obfuscated path ("akam/13/2f321e7e") and triggered security alert '3900999', consistent with other blocklisted IPs from its associated ASN (AS3356) exhibiting similar malicious probing. | 2026-02-04 09:28:40 | 95.0% | Critical |
| 74.7.230.8 | IP | www.darcherif.fr | This IP shows 100% detected threat requests, accessed a WAF-flagged path 'robots.txt', and its associated ASN (AS8075) is already blocklisted for persistent malicious activity with other IPs showing identical behavior. | 2026-02-04 06:48:32 | 100.0% | Critical |
| 74.7.228.59 | IP | akamai.darcherif.fr | All requests (100%) from this IP were detected as threats, the accessed path 'robots.txt' was flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity, with multiple other IPs from this ASN also blocklisted for identical behavior. | 2026-02-04 06:38:31 | 100.0% | Critical |