|
216.73.216.218
|
ip
|
High proportion of detected threat requests (4 out of 6), access to suspicious obfuscated paths, and WAF alert for security rule 3991023 indicating po...
|
2026-03-14 03:58:36
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt', 'index.php/tag/cps/']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
4.205.16.4
|
ip
|
All requests detected as threats, probing for common web shell locations and WordPress vulnerabilities. IP has triggered IPBLOCK deny rules, indicatin...
|
2026-03-13 23:57:50
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['wp-admin/a.php', 'rip.php', 'wk/index.php', '.well-known/', 'wp-content/plugins/index.php', 'wp-content/uploads/', 'kbfr.php', 'wp-admin/alfa.php', 'info.php', 'chosen.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
45.156.87.198
|
ip
|
IP engaged in suspicious activity targeting wp-login.php, flagged by WAF, with 50% of requests detected as threats.
|
2026-03-12 22:13:31
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
2.22.226.14
|
ip
|
Entity shows a 'last_seen' timestamp in the future, indicating data integrity issues or a sophisticated attempt to evade detection, combined with acce...
|
2026-03-12 20:13:10
|
1
|
FR
|
AS12222
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
216.73.216.133
|
ip
|
Observed highly suspicious and obfuscated path requests, 4 out of 6 requests detected as threats, and triggered security rule '3991023'. This indicate...
|
2026-03-12 20:03:03
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
185.193.156.155
|
ip
|
This IP address exhibits highly suspicious behavior, including numerous attempts to access WordPress enumeration paths ('wlwmanifest.xml'), a signific...
|
2026-03-12 17:32:34
|
1
|
US
|
AS62240
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
47.128.16.18
|
ip
|
All requests from this IP address were flagged by WAF and triggered security alerts (rule 3991023), indicating highly malicious activity targeting Wor...
|
2026-03-12 10:31:23
|
1
|
SG
|
AS16509
|
['www.darcherif.fr']
|
['wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', 'wp-content/themes/highlight/assets/images/hero-inner.jpg', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css', 'wp-includes/css/dist/block-library/style.min.css']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
124.198.132.28
|
ip
|
All 19 requests from this IP address were flagged by WAF, hitting a deny rule (REP_1654538), and involved scanning common WordPress manifest files (wl...
|
2026-03-12 09:21:05
|
1
|
US
|
AS210558
|
['www.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": [], "deny": ["REP_1654538"]}
|
1.0
|
severity: Severity.critical
|
|
20.119.217.110
|
ip
|
Multiple suspicious WordPress-related paths accessed, including potential web shell (sf.php), unauthorized admin access attempts (wp-admin.php, wp-con...
|
2026-03-12 09:10:55
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
74.7.227.173
|
ip
|
This IP exhibits critical malicious activity with 30 out of 31 requests flagged as threats, multiple WAF rule hits, and access to highly suspicious, o...
|
2026-03-12 07:10:26
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'index.php/category/cybercrime/', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js', 'wp-includes/js/imagesloaded.min.js', 'index.php/category/non-classe/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-1024x669.jpg', 'wp-content/uploads/2020/01/dubai-sunrise-city-5k-pg-1920x1080.jpg']
|
{"alert": ["3991023"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
45.156.87.11
|
ip
|
Observed high number of threat requests (34 out of 37 total) targeting 'wp-login.php' and flagged by WAF, strongly indicating brute-force or credentia...
|
2026-03-12 06:40:15
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
159.54.151.59
|
ip
|
This IP address has engaged in suspicious activity, targeting wp-login.php with multiple detected threat requests and triggering a security alert rule...
|
2026-03-11 18:07:48
|
1
|
MX
|
AS31898
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
91.132.139.11
|
ip
|
Accessed and flagged '.env' file, indicating potential sensitive information disclosure or configuration exposure attempt. WAF also denied requests du...
|
2026-03-11 13:56:58
|
1
|
AT
|
AS9009
|
['www.darcherif.fr']
|
['.env']
|
{"alert": ["3000508"], "deny": ["LFI-ANOMALY"]}
|
0.9800000190734863
|
severity: Severity.critical
|
|
2001:4878:a216:3000:7d60:d1f2:13b7:4d95
|
ip
|
Exhibited critical malicious behavior with 18 out of 19 requests detected as threats, multiple WAF flags on accessed paths, and triggered a security a...
|
2026-03-11 10:56:19
|
1
|
US
|
AS12222
|
['', 'www.darcherif.fr']
|
['wp-content/uploads/2020/05/ConferenceIndiaCropped.png', 'wp-includes/js/masonry.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-1024x669.jpg', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3900999"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
76.186.108.43
|
ip
|
Multiple detected threat requests, WAF flags, and a security rule deny hit (IPBLOCK-BURST4-318403) indicating a burst attack or malicious activity.
|
2026-03-11 00:14:29
|
1
|
US
|
AS11427
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png', 'akam/13/pixel_5d87006']
|
{"alert": ["3910002", "3910006"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.9800000190734863
|
severity: Severity.critical
|
|
158.158.32.105
|
ip
|
All requests flagged by WAF, accessing highly suspicious PHP files (e.g., webshells), and already subject to an IPBLOCK security rule. This indicates ...
|
2026-03-10 18:13:03
|
1
|
ES
|
AS8075
|
['akamai.darcherif.fr']
|
['X57.php', 'elabel.php', 'wp-content/cong.php', '2.php', 'wp-admin/js/fi.php', 'sty.php', 'gettest.php', 'miansha.php', 'wp-includes/css/dist/', 'x.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
0.9900000095367432
|
severity: Severity.critical
|
|
207.46.13.9
|
ip
|
All 7 requests made by this IP were flagged by WAF with security rule '3991006', indicating malicious activity or a web attack.
|
2026-03-10 15:12:20
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['wp-includes/js/imagesloaded.min.js', 'wp-includes/js/masonry.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
0.8999999761581421
|
severity: Severity.medium
|
|
2600:1f28:365:80b0:ac56:4a:ab84:dcd6
|
ip
|
All 18 requests from this IP were flagged by WAF with security rule '3991023', indicating suspicious bot activity despite accessing seemingly legitima...
|
2026-03-10 15:12:20
|
1
|
US
|
AS14618
|
['www.darcherif.fr']
|
['robots.txt', 'index.php/tag/iot/', 'index.php/category/industry-4-0/', 'index.php/category/cybercrime/', 'index.php/tag/cyber-security/', 'index.php/2020/01/24/industry-4-0-corrupted-smart-factories-examples/', 'index.php/category/non-classe/', 'index.php/tag/industry-4-0/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', 'index.php/category/cybersecurity/']
|
{"alert": ["3991023"], "deny": []}
|
0.8999999761581421
|
severity: Severity.medium
|
|
216.73.216.6
|
ip
|
A very high percentage (4 out of 5) of requests were detected as threats. The presence of a highly suspicious, obfuscated-looking path 'ATNFpI/99R4/So...
|
2026-03-10 15:12:20
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
3%7e462712aa36a1f7a1
|
tls
|
This TLS entity is strongly associated with an IP address (2600:1f28:365:80b0:ac56:4a:ab84:dcd6) that exhibited 100% threat requests and triggered WAF...
|
2026-03-10 15:12:20
|
1
|
US
|
N/A
|
['www.darcherif.fr']
|
['robots.txt', 'index.php/tag/iot/', 'index.php/category/industry-4-0/', 'index.php/category/cybercrime/', 'index.php/tag/cyber-security/', 'index.php/2020/01/24/industry-4-0-corrupted-smart-factories-examples/', 'index.php/category/non-classe/', 'index.php/tag/industry-4-0/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', 'index.php/category/cybersecurity/']
|
{"alert": ["3991023"], "deny": []}
|
0.8999999761581421
|
severity: Severity.medium
|
|
52.167.144.209
|
ip
|
High percentage of threat requests (6 out of 7) and access to a highly suspicious, obfuscated-looking path 'ATNFpI/99R4/SoOp/SSYb/...' flagged by WAF ...
|
2026-03-10 15:12:20
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['', 'wp-includes/js/wp-emoji-release.min.js', 'wp-includes/js/jquery/jquery.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css']
|
{"alert": ["3991006"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
165.22.210.209
|
ip
|
High number of detected threat requests (155) and all requests targeting WordPress manifest files (wlwmanifest.xml), combined with WAF alerts includin...
|
2026-03-10 15:12:20
|
1
|
IN
|
AS14061
|
['akamai.darcherif.fr']
|
['shop/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', '2020/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904021", "3904041", "3904044", "3904052", "3904058", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
74.125.209.129
|
ip
|
All 100% of requests triggered WAF alerts (rule 3991005), indicating malicious activity.
|
2026-03-10 10:10:37
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-includes/js/wp-emoji-release.min.js', 'wp-includes/js/jquery/jquery.min.js', 'wp-includes/js/masonry.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/assets/images/hero-2.jpg', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js']
|
{"alert": ["3991005"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
64.233.172.197
|
ip
|
High percentage of requests (81.8%) flagged by WAF and access to a highly suspicious, obfuscated path.
|
2026-03-10 10:10:37
|
1
|
US
|
AS15169
|
['', 'www.darcherif.fr']
|
['', 'wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2', 'wp-includes/js/wp-emoji-release.min.js', 'wp-includes/js/masonry.min.js', 'wp-content/uploads/2020/05/ConferenceIndiaCropped.png', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-includes/css/dist/block-library/style.min.css']
|
{"alert": ["3991005"], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
64.233.172.196
|
ip
|
All 100% of requests triggered WAF alerts (rule 3991005), indicating malicious activity.
|
2026-03-10 10:10:37
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-includes/js/jquery/jquery.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/highlight/assets/images/hero-1.jpg', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css']
|
{"alert": ["3991005"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ebf5f8b11f93240e2
|
tls
|
High percentage of requests (87.7%) flagged by WAF and access to a highly suspicious, obfuscated path.
|
2026-03-10 10:10:37
|
1
|
US
|
N/A
|
['', 'www.darcherif.fr']
|
['wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js', 'wp-includes/js/imagesloaded.min.js', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/uploads/2020/05/ConferenceIndiaCropped.png', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/highlight/assets/images/hero-2.jpg', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-1024x669.jpg']
|
{"alert": ["3991005"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
74.125.209.137
|
ip
|
High percentage of requests (80%) flagged by WAF and access to a highly suspicious, obfuscated path.
|
2026-03-10 10:10:37
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js']
|
{"alert": ["3991005"], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
89.187.187.72
|
ip
|
This IP is highly suspicious: it has a high number of detected threat requests (119), triggered multiple security alerts including 'BOT-BROWSER-IMPERS...
|
2026-03-10 07:48:06
|
1
|
US
|
AS60068
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904020", "3904041", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.9900000095367432
|
severity: Severity.critical
|
|
45.94.31.197
|
ip
|
This IP is actively engaging in WordPress enumeration attempts by repeatedly accessing 'wlwmanifest.xml' paths across various directories. It has trig...
|
2026-03-10 07:07:17
|
1
|
NL
|
AS210558
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904020", "3904041", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
138.201.83.102
|
ip
|
Access to 'wp-login.php' endpoint is highly suspicious and often indicates brute-force attempts or credential stuffing. Even with low requests, this s...
|
2026-03-10 04:26:42
|
1
|
DE
|
AS24940
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.800000011920929
|
severity: Severity.critical
|
|
20.219.138.200
|
ip
|
Accessing highly suspicious paths indicative of scanning, backdoor attempts, and vulnerability probing (e.g., info.php, db.php, upload.php, sx.php, ht...
|
2026-03-10 01:15:57
|
1
|
IN
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
205.220.242.185
|
ip
|
Multiple WAF deny hits (IPBLOCK-BURST4-318403) and a high proportion (10 out of 21) of detected threat requests.
|
2026-03-10 01:15:57
|
1
|
US
|
AS46592
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'akam/13/pixel_1bcc89aa', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": ["3910002", "3910006"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.9900000095367432
|
severity: Severity.critical
|
|
47.128.121.167
|
ip
|
All requests (9/9) were flagged by WAF, detected as threats, and triggered a security rule (3991023).
|
2026-03-09 17:54:23
|
1
|
SG
|
AS16509
|
['www.darcherif.fr']
|
['', 'wp-content/themes/highlight/customizer/sections/content.css', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/uploads/2020/05/ConferenceIndiaCropped.png', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-768x502.jpg']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
35.227.64.178
|
ip
|
Extensive scanning for wlwmanifest.xml across multiple directories, high number of detected threat requests (135), multiple WAF alerts including 'BOT-...
|
2026-03-09 16:44:03
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904041", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
216.73.216.158
|
ip
|
High number of detected threat requests (4 out of 5), WAF alert for security rule 3991023, and access to highly suspicious, non-standard paths.
|
2026-03-09 16:44:03
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
205.169.39.104
|
ip
|
Multiple detected threat requests and security rule alerts, alongside WAF flagged paths, indicate active malicious activity.
|
2026-03-09 07:19:20
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
20.211.123.94
|
ip
|
Accessed highly suspicious paths indicative of web shell uploads, backdoors, or crypto mining attempts (xmr.php, upload.php, cgi-bin/).
|
2026-03-09 07:09:11
|
1
|
AU
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
169.150.203.237
|
ip
|
High volume of detected threat requests, repeated attempts to access WordPress manifest files, WAF denial rules hit, and bot impersonation detected.
|
2026-03-09 07:09:11
|
1
|
US
|
AS212238
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904041", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
73.128.201.25
|
ip
|
Detected 7 threat requests out of 19 total, triggered multiple WAF flags, and was denied by an 'IPBLOCK-BURST4' security rule indicating suspicious ac...
|
2026-03-09 04:18:34
|
1
|
US
|
AS33657
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png', 'akam/13/pixel_7cfbec83']
|
{"alert": ["3910009"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
74.7.227.25
|
ip
|
High number of WAF alerts (19 out of 20 requests) with rule '3991023' hit, indicating potential malicious scanning or attempted exploitation.
|
2026-03-09 00:37:47
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['wp-includes/js/wp-emoji-release.min.js', 'index.php/2020/05/13/industrial-cyber-security-evf-2019-alexandre-darcherif/', 'wp-includes/js/masonry.min.js', 'wp-includes/js/jquery/jquery.min.js', 'index.php/wp-json/oembed/1.0/embed', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css', 'index.php/category/cybersecurity/', 'index.php/wp-json/wp/v2/pages/25', 'index.php/2020/01/24/industry-4-0-corrupted-smart-factories-examples/']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
153.33.99.33
|
ip
|
WAF flagged a path ('akam/13/5602dcb8') and security rule '3900999' was alerted, indicating potential malicious activity.
|
2026-03-08 21:37:04
|
1
|
US
|
AS23473
|
['', 'www.darcherif.fr']
|
['akam/13/5602dcb8']
|
{"alert": ["3900999"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
91.92.242.199
|
ip
|
Repeated attempts to access 'wp-login.php', high number of detected threat requests (9/13), and WAF flagging with a security alert, strongly indicatin...
|
2026-03-08 19:26:00
|
1
|
DE
|
AS202412
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
2604:a880:0:202a::ee37:a000
|
ip
|
Multiple WAF alerts including 'BOT-BROWSER-IMPERSONATOR' rule hit, 25% detected threat requests, and all accessed paths flagged by WAF. Strong indicat...
|
2026-03-08 11:33:41
|
1
|
US
|
AS14061
|
['akamai.darcherif.fr', 'akamai.darcherif.fr:80', 'akamai.darcherif.fr:443']
|
['', 'robots.txt', 'favicon.ico']
|
{"alert": ["3904003", "3904006", "3904007", "3904013", "3904020", "3904043", "3904045", "3904047", "3904049", "3904052", "3904053", "3904058", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
20.214.142.73
|
ip
|
Attempted access to multiple highly suspicious paths indicative of webshells, cryptocurrency miners (xmr.php), and unauthorized file uploads like bolt...
|
2026-03-08 05:29:44
|
1
|
KR
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
54.145.16.22
|
ip
|
All 5 requests from this IP were detected as threats and explicitly denied by an IPBLOCK security rule.
|
2026-03-07 21:55:50
|
1
|
US
|
AS14618
|
['akamai.darcherif.fr']
|
['', 'favicon.png', 'favicon.ico']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
192.109.200.92
|
ip
|
Multiple detected threat requests targeting wp-login.php and flagged by WAF with a security rule hit (3900998), indicating a brute-force or credential...
|
2026-03-07 09:33:44
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
13.75.194.66
|
ip
|
Actively probing for web shells, admin interfaces, and potentially crypto miners with multiple suspicious path accesses (e.g., xmr.php, upload.php, bo...
|
2026-03-07 09:33:44
|
1
|
AU
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
AS198953
|
asn
|
Suspicious activity detected from AS198953 including WAF flags on xmlrpc.php, multiple detected threat requests, and a 'PLATFORM-ANOMALY' security rul...
|
2026-03-07 08:23:27
|
1
|
RU
|
AS198953
|
['www.darcherif.fr']
|
['xmlrpc.php']
|
{"alert": ["3000136"], "deny": ["PLATFORM-ANOMALY"]}
|
0.8999999761581421
|
severity: Severity.critical
|
|
45.153.34.154
|
ip
|
Multiple severe security rule hits including a 'CMD-INJECTION-ANOMALY' deny action, 'BOT-BROWSER-IMPERSONATOR' alert, and access to sensitive '.git/co...
|
2026-03-07 01:52:23
|
1
|
NL
|
AS51396
|
['akamai.darcherif.fr', 'www.darcherif.fr']
|
['']
|
{"alert": ["3000041", "3904000", "3904001", "3904005", "3904006", "3904036", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": ["CMD-INJECTION-ANOMALY"]}
|
0.9800000190734863
|
severity: Severity.critical
|
|
104.28.246.115
|
ip
|
Repeated access attempts to suspicious 'style.php' paths within WordPress directories, with all requests flagged as threats by WAF rule '3990001', ind...
|
2026-03-06 19:01:07
|
1
|
US
|
AS13335
|
['akamai.darcherif.fr']
|
['wp-content/style.php', 'wp-admin/style.php', 'style.php', 'wp-includes/style.php', 'wp-content/themes/style.php']
|
{"alert": ["3990001"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|