ClearSOC Dashboard - Investigation Workspace

Entity Details

Type: Tls

Linked Entities

IPs Linked to TLS Fingerprint (10)

37.77.150.124 Investigate
134.199.90.185 Investigate
45.135.232.178 Investigate
45.135.232.10 Investigate
213.159.12.122 Investigate
2a07:e05:3:1b::1 Investigate
2a07:e05:3:35::1 Investigate
37.77.150.123 Investigate
141.98.11.171 Investigate
141.98.11.107 Investigate

Hostnames Targeted

Hostname	Request Count
www.darcherif.fr	564
akamai.darcherif.fr	24

Paths Targeted (with Request Counts)

Path	Request Count
xmlrpc.php	136
wp-login.php	77
/	12
assets/mail/contact_me.js	4
js/mpulse.js	4
assets/mail/jqBootstrapValidation.js	4
js/scripts.js	4
wp-includes/	3
wp-content/uploads/2026/03/	3
wp-content/uploads/2025/07/	2
wp-content/uploads/2023/04/	2
wp-content/uploads/2025/02/	2
wp-content/uploads/2024/09/	2
wp-content/uploads/2025/08/	2
wp-content/uploads/2023/	2
wp-content/uploads/2025/	2
wp-content/uploads/2022/11/	2
wp-content/uploads/2024/08/	2
wp-content/uploads/2024/04/	2
wp-content/uploads/2024/02/	2
netstorage/ns-product-brief.pdf	2
wp-admin/includes/	2
wp-content/uploads/2022/06/	2
wp-content/uploads/2022/03/	2
wp-content/uploads/2024/	2
wp-content/uploads/2025/09/	2
wp-content/uploads/2025/04/	2
wp-content/uploads/2022/	2
wp-content/themes/highlight/images/	2
wp-content/uploads/2024/07/	2
wp-content/uploads/2022/12/	2
wp-content/uploads/2022/08/	2
wp-content/uploads/2024/12/	2
wp-content/uploads/2022/07/	2
wp-includes/block-bindings/	2
wp-content/uploads/2025/05/	2
wp-content/uploads/2022/01/	2
wp-content/uploads/2025/03/	2
wp-content/uploads/2025/11/	2
.env	2
wp-content/uploads/2024/11/	2
wp-content/uploads/2025/06/	2
wp-includes/assets/	2
wp-content/uploads/2022/04/	2
wp-content/uploads/2022/10/	2
wp-content/uploads/2023/01/	2
wp-content/uploads/2024/05/	2
wp-content/uploads/2022/02/	2
wp-content/uploads/2026/02/	2
wp-content/uploads/2026/01/	2

🚫

Block

Extremely high threat request ratio (39/15), all accessed paths flagged by WAF including WordPress sensitive paths ('xmlrpc.php', 'wp-login.php'), multiple security alerts (e.g., 'BOT-BROWSER-IMPERSONATOR'), and critical WAF deny rules ('IPBLOCK-PENALTY-BOX', 'PLATFORM-ANOMALY') were triggered. This pattern is consistent with other blocklisted malicious entities.

2026-01-05 00:05:22

Investigation Workspace

Entity: 3%7e5280136f5f66ec7b (Tls)

Entity Details

Linked Entities

Hostnames Targeted

Paths Targeted (with Request Counts)

Block