ClearSOC Dashboard - Investigation Workspace

Entity Details

Type: Ip
ASN: AS198953 - Proton66 OOO
Threat Intelligence: All requests (100%) from this IP targeted known WordPress exploit paths ('xmlrpc.php', 'wp-login.php') and triggered multiple critical WAF deny rules (IPBLOCK-PENALTY-BOX, PLATFORM-ANOMALY, POLICY-ANOMALY), indicating an active and severe brute-force or enumeration attack. Its ASN (AS198953) has other IPs blocklisted for identical malicious activity.

Linked Entities

TLS Fingerprints (1)

3%7e5280136f5f66ec7b Investigate

Hostnames Targeted

Hostname	Request Count
www.darcherif.fr	363

Paths Targeted (with Request Counts)

Path	Request Count
xmlrpc.php	12
wp-login.php	11
wp-content/uploads/2026/03/	3
wp-includes/	3
/	3
wp-content/uploads/2022/02/	2
wp-content/uploads/2022/07/	2
wp-content/uploads/2024/09/	2
wp-content/uploads/2025/09/	2
wp-content/uploads/2022/11/	2
wp-content/uploads/2024/04/	2
wp-content/uploads/2025/04/	2
wp-content/themes/highlight/images/	2
wp-content/uploads/2024/05/	2
wp-content/uploads/2022/10/	2
wp-content/uploads/2023/01/	2
wp-content/uploads/2022/01/	2
wp-content/uploads/2025/05/	2
wp-content/uploads/2024/08/	2
wp-content/uploads/2025/08/	2
wp-content/uploads/2022/03/	2
wp-content/uploads/2025/07/	2
wp-content/uploads/2024/07/	2
wp-content/uploads/2022/12/	2
wp-content/uploads/2025/06/	2
wp-content/uploads/2026/02/	2
wp-content/uploads/2023/02/	2
wp-content/uploads/2024/06/	2
wp-content/uploads/2025/	2
wp-content/uploads/2024/02/	2
wp-content/uploads/2022/04/	2
wp-content/uploads/2023/04/	2
wp-content/uploads/2024/11/	2
wp-content/uploads/2025/10/	2
wp-content/uploads/2024/01/	2
wp-content/uploads/2025/01/	2
wp-content/uploads/2024/10/	2
wp-content/uploads/2025/11/	2
wp-content/uploads/2022/05/	2
wp-content/uploads/2022/09/	2
wp-includes/block-bindings/	2
wp-content/uploads/2026/01/	2
wp-content/uploads/2025/02/	2
wp-content/uploads/2022/06/	2
wp-content/uploads/2024/03/	2
wp-content/uploads/2025/12/	2
wp-content/uploads/2022/08/	2
wp-content/uploads/2024/12/	2
wp-content/uploads/2025/03/	2
wp-content/uploads/2023/	2

🚫

Block

All requests (100%) from this IP targeted known WordPress exploit paths ('xmlrpc.php', 'wp-login.php') and triggered multiple critical WAF deny rules (IPBLOCK-PENALTY-BOX, PLATFORM-ANOMALY, POLICY-ANOMALY), indicating an active and severe brute-force or enumeration attack. Its ASN (AS198953) has other IPs blocklisted for identical malicious activity.

2026-01-27 11:52:32

Investigation Workspace

Entity: 37.77.150.124 (Ip)

Entity Details

Linked Entities

Hostnames Targeted

Paths Targeted (with Request Counts)

Block