Investigation Workspace

Entity: 20.110.170.61 (Ip)

Entity Details
Type
Ip
ASN
AS8075 - Microsoft Corporation
Threat Intelligence
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-content/plugins/hellopress/wp_filemanager.php') were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent and identical malicious activity from multiple other IPs.
Linked Entities
Hostnames Targeted
Hostname Request Count
akamai.darcherif.fr 12
Paths Targeted (with Request Counts)
Path Request Count
app.php 1
wwx.php 1
lib.php 1
reze.php 1
ws38.php 1
bnn_.php 1
166.php 1
bgymj.php 1
rzzaq.php 1
uploaxa1.php 1
classwithtostring.php 1
wp-content/plugins/hellopress/wp_filemanager.php 1
🚫

Block

All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-content/plugins/hellopress/wp_filemanager.php') were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent and identical malicious activity from multiple other IPs.

2026-02-06 08:32:03