Investigation Workspace

Entity: 20.220.144.75 (Ip)

Entity Details
Type
Ip
ASN
AS8075 - Microsoft Corporation
Threat Intelligence
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity, with multiple other IPs from this ASN also blocklisted for identical behavior.
Linked Entities
Hostnames Targeted
Hostname Request Count
akamai.darcherif.fr 101
Paths Targeted (with Request Counts)
Path Request Count
inc.php 2
wp-content/plugins/hellopress/wp_filemanager.php 2
error_log.php 2
0byte.php 2
bootstrap.php 2
z-ehp.php 2
system123.php 2
bgymj.php 2
54.php 2
grsiuk.php 2
inege.php 2
ak.php 2
35.php 2
mini.php 2
lkj.php 2
init.php 2
a332.php 2
kjh.php 2
term.php 2
166.php 2
t.php 2
cxc.php 2
h02ugyh.php 2
xy.php 2
aa.php 2
xs.php 2
155.php 2
sc.php 2
lib.php 2
geju.php 2
96i.php 2
ccs.php 2
6.php 2
ava.php 1
wp-includes/Requests/index.php 1
black.php 1
24name.php 1
erty.php 1
num.php 1
hotel.php 1
bwiau.php 1
22name.php 1
wp-act.php 1
lbmd5v5t.php 1
ms.php 1
24.php 1
js/adminer-3.5.1.php 1
wp-admin/css/colors/blue/about.php 1
iov.php 1
auth.php 1
🚫

Block

All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. Its associated ASN (AS8075) is already blocklisted for persistent malicious activity, with multiple other IPs from this ASN also blocklisted for identical behavior.

2026-02-07 16:33:54