| Hostname | Request Count |
|---|---|
| akamai.darcherif.fr | 107 |
| www.darcherif.fr | 102 |
| Path | Request Count |
|---|---|
| wp-login.php | 100 |
| _sec/cp_challenge/challenge | 27 |
| / | 6 |
| feed/ | 5 |
| xmlrpc.php | 5 |
| wp/wp-includes/wlwmanifest.xml | 5 |
| site/wp-includes/wlwmanifest.xml | 5 |
| shop/wp-includes/wlwmanifest.xml | 5 |
| 2020/wp-includes/wlwmanifest.xml | 5 |
| cms/wp-includes/wlwmanifest.xml | 5 |
| 2021/wp-includes/wlwmanifest.xml | 5 |
| blog/wp-includes/wlwmanifest.xml | 5 |
| 2019/wp-includes/wlwmanifest.xml | 5 |
| wp-includes/ID3/license.txt | 5 |
| wp1/wp-includes/wlwmanifest.xml | 5 |
| wordpress/wp-includes/wlwmanifest.xml | 5 |
| web/wp-includes/wlwmanifest.xml | 5 |
| test/wp-includes/wlwmanifest.xml | 5 |
| index.php/author/admin3157/ | 1 |
Accessed 'wp-login.php' and triggered a WAF alert indicative of brute-force attempts. Not enough deny rules or total threat requests to block immediately, but requires monitoring.
Entity continues to target wp-login.php with a low rate of threat requests (25%) and triggered a relevant alert (3900998), requiring further monitoring but not immediate blocking.
No new activity or detected threat requests since being added to the watchlist, suggesting it's no longer a threat or was a false positive.
Detected brute-force or credential stuffing attempts targeting 'wp-login.php', with WAF flagging the path and triggering security alert '3900998'. Associated ASN (AS209605) has other IPs blocklisted for similar WordPress enumeration and bot activity.