Investigation Workspace

Entity: 4.189.168.36 (Ip)

Entity Details
Type
Ip
ASN
AS8075 - Microsoft Corporation
Threat Intelligence
All requests (100%) flagged by WAF with bot impersonation and probing of sensitive paths. Associated ASN AS8075 is already blocklisted for persistent malicious activity.
Linked Entities
TLS Fingerprints (1)
Hostnames Targeted
Hostname Request Count
akamai.darcherif.fr 182
Paths Targeted (with Hostname Counts)
Path Distinct Hostnames
wp-includes/js/tinymce/plugins/compat3x/css/ 1
wp-includes/images/smilies/about.php 1
templates/beez3/error.php 1
wp-includes/images/smilies/index.php 1
wp-includes/js/swfupload/ 1
wp-includes/pomo/about.php 1
wp-includes/ID3/index.php 1
wp-admin/js/autoload_classmap.php 1
wp-content/plugins/pwnd/as.php 1
wp-includes/sitemaps/providers/ 1
wp-includes/customize/chosen.php 1
wp-admin/css/colors/coffee/ 1
wp-admin/js/widgets/index.php 1
wp-includes/Text/wp-login.php 1
wp-admin/css/colors/blue/about.php 1
wp-admin/images/index.php 1
wp-admin/js/widgets/cloud.php 1
wp-admin/css/colors/sunrise/ 1
wp-admin/includes/index.php 1
wp-content/themes/wp-pridmag/init.php 1
wp-includes/Requests/Text/ 1
_sec/cp_challenge/challenge 1
admin/controller/extension/extension/ultra.php 1
wp-admin/css/colors/midnight/ 1
wp-content/languages/chosen.php 1
wp-content/plugins/hellopress/wp_filemanager.php 1
wp-includes/certificates/ 1
wp-includes/images/media/ 1
wp-content/upgrade-temp-backup/about.php 1
wp-includes/assets/index.php 1
wp-admin/includes/cloud.php 1
wp-includes/autoload_classmap.php 1
wp-admin/css/colors/modern/ 1
wp-includes/IXR/index.php 1
wp-content/uploads/2024/index.php 1
wp-admin/autoload_classmap.php 1
wp-includes/ID3/autoload_classmap.php 1
wp-includes/js/tinymce/langs/ 1
templates/cassiopeia/index.php 1
.well-known/gecko-litespeed.php 1
wp-admin/css/colors/blue/atomlib.php 1
wp-includes/customize/ 1
aa.php 1
index/function.php 1
ALFA_DATA/alfacgiapi/ 1
wp-content/index.php 1
wp-content/uploads/ 1
flower.php 1
file5.php 1
.well-known/ 1
🚫

Block

All requests (100%) flagged by WAF with bot impersonation and probing of sensitive paths. Associated ASN AS8075 is already blocklisted for persistent malicious activity.

2025-11-30 15:39:50