383
97.0%
49
TLS: 13 IP: 31 ASN: 6
| Entity | Type | Hostnames | Reason | Blocked At | AI Confidence | AI Details |
|---|---|---|---|---|---|---|
| 3%7e44d2a8b1bd7fcedf | TLS | - | High percentage of requests (80.3%) associated with this TLS fingerprint were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 114.119.129.175 | IP | - | All requests (100%) from this IP were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 47.128.19.44 | IP | - | All requests (100%) from this IP were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 85.0% | Medium |
| 3%7eeb4f52e1e9bd4579 | TLS | - | Over 90% of requests associated with this TLS fingerprint were detected as threats, indicating persistent malicious activity. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 74.7.242.54 | IP | - | Extremely high percentage of detected threat requests (97.7%) and all accessed paths flagged by WAF. | 2025-12-16 16:38:53 | 95.0% | Critical |
| 114.119.136.249 | IP | - | All requests (100%) from this IP were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 114.119.149.66 | IP | - | All requests (100%) from this IP were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 3.112.5.185 | IP | akamai.darcherif.fr | All requests (100%) from this IP were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule. | 2025-12-16 16:38:53 | 100.0% | Critical |
| 3%7e038225e54eaf0990 | TLS | - | All requests (100%) associated with this TLS fingerprint were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 114.119.142.93 | IP | - | All requests (100%) from this IP were detected as threats and flagged by WAF. | 2025-12-16 16:38:53 | 90.0% | Critical |
| 141.98.11.181 | IP | akamai.darcherif.fr | Detected bot-browser impersonation, extensive WordPress enumeration, and triggered a critical 'IPBLOCK-BURST4' WAF deny rule due to a high rate of malicious requests. | 2025-12-16 15:59:12 | 100.0% | Critical |
| AS16509 | ASN | akamai.darcherif.fr www.darcherif.fr | High ratio of detected threat requests and a critical 'IPBLOCK' WAF deny rule was triggered. This ASN is already in the blocklist for persistent malicious activity. | 2025-12-16 15:59:12 | 100.0% | Critical |
| AS22295 | ASN | akamai.darcherif.fr | Detected bot-browser impersonation and extensive WordPress enumeration, triggering a critical 'IPBLOCK-BURST4' WAF deny rule. This ASN is already associated with blocklisted IPs. | 2025-12-16 15:59:12 | 100.0% | Critical |
| AS140818 | ASN | www.darcherif.fr | High volume of requests targeting WordPress enumeration and login paths, triggering critical WAF deny rules including IPBLOCK-PENALTY-BOX and PLATFORM-ANOMALY. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 194.180.49.169 | IP | akamai.darcherif.fr | Aggressively targeted highly sensitive configuration and information files, triggering critical WAF deny rules including IPBLOCK-BURST4, LFI-ANOMALY, and reputation-based blocking. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 77.90.185.240 | IP | www.darcherif.fr | High percentage of detected threat requests (33/36) specifically targeting 'wp-login.php' and triggering an alert indicative of brute-force attempts. | 2025-12-16 15:59:12 | 90.0% | Critical |
| 104.244.74.39 | IP | akamai.darcherif.fr | All requests targeted sensitive configuration files and triggered critical LFI-ANOMALY and reputation-based WAF deny rules. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 3%7e2891d83539e8d2fd | TLS | akamai.darcherif.fr | Extremely high number of detected threat requests and extensive WordPress enumeration, triggering multiple WAF alerts, bot impersonation, and a critical 'IPBLOCK-BURST4' deny rule. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 3%7e305534a7233fb39f | TLS | www.darcherif.fr akamai.darcherif.fr | Aggressively targeted highly sensitive configuration files (e.g., .env, .git/config) and triggered multiple critical WAF deny rules, including IPBLOCK and LFI-ANOMALY. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 3%7edf1fada1233fb39f | TLS | www.darcherif.fr | High number of detected threat requests (20/22) including access to a highly obfuscated and suspicious path, indicating malicious probing or exploit attempts. | 2025-12-16 15:59:12 | 98.0% | Critical |
| 3%7e7d37a809e7e56fbe | TLS | akamai.darcherif.fr | Aggressively targeted highly sensitive configuration and information files, triggering critical WAF deny rules including IPBLOCK-BURST4, LFI-ANOMALY, and reputation-based blocking. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 3%7e407f950e81268bfe | TLS | www.darcherif.fr | High percentage of detected threat requests (57/72) specifically targeting 'wp-login.php' and triggering an alert indicative of brute-force attempts. | 2025-12-16 15:59:12 | 95.0% | Critical |
| 107.172.195.91 | IP | akamai.darcherif.fr | High number of detected threat requests and multiple WAF alerts, including bot impersonation, indicating automated malicious probing. | 2025-12-16 15:59:12 | 95.0% | Critical |
| 3%7e01ca4d1c280cf0ab | TLS | akamai.darcherif.fr www.darcherif.fr | Very high percentage of detected threat requests (52/54) with multiple WAF alerts and a critical 'IPBLOCK' deny rule triggered, indicating malicious activity. | 2025-12-16 15:59:12 | 100.0% | Critical |
| 3%7e24e11312e419fb9c | TLS | akamai.darcherif.fr | Extremely high number of detected threat requests and multiple WAF alerts, including bot impersonation, indicating severe automated malicious activity. | 2025-12-16 15:59:12 | 98.0% | Critical |
| 62.60.130.228 | IP | www.darcherif.fr | High percentage of detected threat requests (13/16) specifically targeting 'wp-login.php' and triggering an alert indicative of brute-force attempts. | 2025-12-16 15:59:12 | 90.0% | Critical |
| 193.142.147.57 | IP | www.darcherif.fr | All requests (100%) from this IP were detected as threats, specifically targeting 'wp-login.php' and triggering a security alert indicative of a brute-force or credential stuffing attack. | 2025-12-16 06:13:43 | 100.0% | Critical |
| 208.84.101.251 | IP | akamai.darcherif.fr | 50% of requests were detected as threats, targeting sensitive WordPress enumeration paths and triggering a critical IP block deny rule due to a burst of malicious activity. | 2025-12-15 22:03:11 | 100.0% | Critical |
| 103.4.251.152 | IP | akamai.darcherif.fr | All requests (100%) from this IP were flagged by WAF, with a high number of detected threat requests, and triggered multiple security alerts including 'BOT-BROWSER-IMPERSONATOR', indicating automated malicious probing and exploit attempts. | 2025-12-12 06:58:39 | 100.0% | Critical |
| 65.87.7.112 | IP | akamai.darcherif.fr | All requests (100%) from this IP were flagged by WAF, triggering security alert "3990011", and all accessed paths were marked as threats, indicating malicious activity. | 2025-12-12 00:48:21 | 95.0% | Critical |
| 3%7ebb4be091c5dc4153 | TLS | akamai.darcherif.fr | All requests associated with this TLS fingerprint were flagged by WAF, targeting sensitive files (.DS_Store, .env, .git/config) and common admin/info paths, and triggered a critical 'LFI-ANOMALY' deny rule. This fingerprint is indicative of a highly malicious client. | 2025-12-12 00:08:31 | 100.0% | Critical |
| AS14061 | ASN | akamai.darcherif.fr | All requests from IPs associated with this ASN were flagged by WAF, extensively probing sensitive configurations and known exploit paths (including LFI and Jira exploits), and consistently triggered critical 'LFI-ANOMALY' deny rules. This ASN is confirmed to be highly malicious and is already in the blocklist. | 2025-12-12 00:08:31 | 100.0% | Critical |
| 167.71.81.114 | IP | akamai.darcherif.fr | All requests were flagged by WAF, targeting sensitive endpoints (actuator/env, api/swagger.json, .env, .vscode/sftp.json) and triggered a critical 'LFI-ANOMALY' deny rule. Its associated ASN (AS14061) is already blocklisted for persistent malicious activity. | 2025-12-12 00:08:31 | 100.0% | Critical |
| 147.182.149.75 | IP | akamai.darcherif.fr | All requests were flagged by WAF, targeting sensitive files (.git/config, .env, config.json) and known exploit paths (LFI, Jira exploit), and triggered a critical 'LFI-ANOMALY' deny rule. Its associated ASN (AS14061) is already blocklisted for persistent malicious activity. | 2025-12-12 00:08:31 | 100.0% | Critical |
| 159.89.12.166 | IP | akamai.darcherif.fr | All requests were flagged by WAF, targeting sensitive files (.git/config, .env, .vscode/sftp.json) and known exploit paths (LFI, Jira exploit), and triggered a critical 'LFI-ANOMALY' deny rule. Its associated ASN (AS14061) is already blocklisted for persistent malicious activity. | 2025-12-12 00:08:31 | 100.0% | Critical |
| 159.89.174.87 | IP | akamai.darcherif.fr | All requests were flagged by WAF, targeting sensitive files (.env, api-docs/swagger.json, .vscode/sftp.json) and common admin/info paths, and triggered a critical 'LFI-ANOMALY' deny rule. Its associated ASN (AS14061) is already blocklisted for persistent malicious activity. | 2025-12-12 00:08:31 | 100.0% | Critical |
| 40.83.76.149 | IP | akamai.darcherif.fr | All requests (100%) from this IP were flagged by WAF, accessing suspicious PHP files, and triggered an 'IPBLOCK' deny rule. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity. | 2025-12-10 00:46:02 | 100.0% | Critical |
| 37.228.254.154 | IP | www.darcherif.fr | High ratio of detected threat requests (60%), including access to an extremely suspicious and obfuscated path 'NqKXrfXQ/UVmgosN/YjdiKN1/-J/EYm94maubaDicN/RiQhYUIC/fGlT/I3ESewcB', indicating malicious probing and potential exploit attempts. A WAF alert rule '3900999' was also triggered. | 2025-12-09 12:55:20 | 95.0% | Critical |
| 2a07:e05:3:1b::1 | IP | akamai.darcherif.fr | All requests (100%) from this IP were flagged by WAF, triggering multiple security alerts including 'BOT-BROWSER-IMPERSONATOR', and demonstrating a high ratio of detected threat requests to total requests, indicating automated malicious probing. | 2025-12-08 08:23:25 | 100.0% | Critical |
| 213.35.103.66 | IP | akamai.darcherif.fr | All requests from this IP targeted sensitive WordPress admin/login paths, were flagged by WAF, and triggered multiple security alerts including 'BOT-BROWSER-IMPERSONATOR', indicating automated malicious probing. | 2025-12-06 13:41:21 | 100.0% | Critical |
| 216.73.216.213 | IP | www.darcherif.fr | All requests (100%) from this IP were flagged by WAF, indicating persistent malicious probing targeting WordPress endpoints and triggering security alerts. | 2025-12-05 18:50:26 | 100.0% | Critical |
| 45.148.10.246 | IP | akamai.darcherif.fr | Extensive probing of sensitive configuration files and backups (e.g., .env, config/mail), all requests (100%) flagged by WAF, and multiple critical deny rules triggered including LFI-ANOMALY and IPBLOCK. | 2025-12-04 12:34:38 | 100.0% | Critical |
| AS48090 | ASN | akamai.darcherif.fr | Associated with IP 45.148.10.246, which demonstrated extensive probing of sensitive files, had all requests flagged by WAF, and triggered critical deny rules including LFI-ANOMALY and IPBLOCK. | 2025-12-04 12:34:38 | 100.0% | Critical |
| 62.60.130.210 | IP | www.darcherif.fr | All requests (100%) were flagged by WAF and targeted 'wp-login.php', triggering security alerts indicative of a brute-force or credential stuffing attack. | 2025-12-02 14:22:25 | 100.0% | Critical |
| 3%7e67c0ea0c99e03401 | TLS | akamai.darcherif.fr | TLS fingerprint associated with an IP (4.189.168.36) that had all requests flagged by WAF, bot impersonation, and probing of sensitive paths. Associated ASN AS8075 is blocklisted. | 2025-11-30 15:39:51 | 100.0% | Critical |
| 4.189.168.36 | IP | akamai.darcherif.fr | All requests (100%) flagged by WAF with bot impersonation and probing of sensitive paths. Associated ASN AS8075 is already blocklisted for persistent malicious activity. | 2025-11-30 15:39:50 | 100.0% | Critical |
| 134.122.136.96 | IP | www.darcherif.fr | Multiple critical WAF deny rules triggered, including LFI, command injection, XSS, and bot impersonation, indicating severe malicious probing and exploit attempts. All accessed paths were flagged. | 2025-11-30 14:03:57 | 100.0% | Critical |
| AS152194 | ASN | www.darcherif.fr | Associated with IP 134.122.136.96, which triggered multiple critical WAF deny rules including LFI, command injection, XSS, and bot impersonation. All accessed paths from this ASN were flagged as malicious. | 2025-11-30 14:03:57 | 100.0% | Critical |
| 3%7ed09afd3ffe9bdf7b | TLS | www.darcherif.fr | Associated with IP 134.122.136.96, which triggered multiple critical WAF deny rules including LFI, command injection, XSS, and bot impersonation. This TLS fingerprint is used by a highly malicious client. | 2025-11-30 14:03:57 | 100.0% | Critical |
| 43.163.127.190 | IP | akamai.darcherif.fr | Repeated, targeted access attempts to sensitive Spring Boot actuator and mapping endpoints. All 13 requests flagged by WAF, with bot impersonation detected, indicating high-confidence malicious activity. | 2025-11-20 15:39:02 | 100.0% | Critical |