|
66.249.66.33
|
ip
|
All requests (100%) from this IP were detected as threats, flagged by WAF, and triggered security alert 3991006, consistent with the blocklisted ASN A...
|
2025-12-22 16:47:09
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-content/themes/highlight/customizer/sections/content.css', 'robots.txt', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
77.90.185.12
|
ip
|
IP from blocklisted ASN AS215476, with a high percentage (85.7%) of threat requests targeting 'wp-login.php' and triggering a brute-force alert, consi...
|
2025-12-22 15:07:01
|
1
|
LT
|
AS215476
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
13.229.89.63
|
ip
|
All requests (100%) from this IP were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule. Its associated ASN (AS16509) is already blo...
|
2025-12-22 10:46:49
|
1
|
SG
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
157.230.46.137
|
ip
|
IP is performing WordPress enumeration and bot impersonation, has an extremely high number of detected threat requests, and belongs to ASN AS14061, wh...
|
2025-12-22 10:26:48
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['', 'blog/', 'wordpress/', 'wp/', 'xmlrpc.php', 'blog/robots.txt']
|
{"alert": ["3904003", "3904013", "3904020", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
114.119.151.146
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991006', consistent with blocklisted ASN AS1...
|
2025-12-22 09:26:42
|
1
|
SG
|
AS136907
|
['www.darcherif.fr']
|
['index.php/category/industry-4-0/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', 'index.php/category/education/', 'index.php/author/admin3157/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected', 'index.php/category/society/']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
213.35.96.205
|
ip
|
All requests from this IP targeted sensitive WordPress admin/login paths, were flagged by WAF, triggered multiple security alerts including 'BOT-BROWS...
|
2025-12-22 08:46:41
|
1
|
SG
|
AS31898
|
['akamai.darcherif.fr']
|
['', 'login', 'admin', 'wp-admin/', 'administrator/', 'register', 'wp-login.php', 'user/login']
|
{"alert": ["3904000", "3904001", "3904004", "3904006", "3904013", "3904020", "3904023", "3904052", "3904053", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
3%7e2d3399e1bbf557f5
|
tls
|
All requests associated with this TLS fingerprint were flagged by WAF, triggered critical LFI-ANOMALY and reputation-based deny rules, and accessed hi...
|
2025-12-22 08:06:40
|
1
|
CA
|
N/A
|
['www.darcherif.fr']
|
['alfa-rex.php', '.tmb/class_api.php', 'wso112233.php', 'nf_tracking.php', 'doc.php', 'wp-admin/user/xmrlpc.php', 'wp-includes/images/about.php', 'blog.php', 'wp-includes/assets/wp-trackback.php', 'wp-content/ccx/index.php']
|
{"alert": ["3000126"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
138.197.152.229
|
ip
|
All requests from this IP were flagged by WAF, triggered critical LFI-ANOMALY and reputation-based deny rules, and its associated ASN AS14061 is alrea...
|
2025-12-22 08:06:40
|
1
|
CA
|
AS14061
|
['www.darcherif.fr']
|
['alfa-rex.php', '.tmb/class_api.php', 'wso112233.php', 'nf_tracking.php', 'doc.php', 'wp-admin/user/xmrlpc.php', 'wp-includes/images/about.php', 'blog.php', 'wp-includes/assets/wp-trackback.php', 'wp-content/ccx/index.php']
|
{"alert": ["3000126"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
74.7.243.194
|
ip
|
High percentage of detected threat requests (6/7), multiple paths flagged by WAF including a suspicious obfuscated path, and triggered WAF alert, cons...
|
2025-12-22 03:46:17
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/apple-1838564.jpg']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
74.7.175.152
|
ip
|
All requests (100%) from this IP were flagged by WAF and triggered an alert, consistent with the blocklisted ASN AS8075 for persistent malicious activ...
|
2025-12-22 03:46:17
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
AS42821
|
asn
|
ASN linked to IP 213.209.159.151, which targeted highly sensitive files, was fully flagged by WAF, and triggered critical IPBLOCK-BURST4 deny rules. B...
|
2025-12-21 22:55:50
|
1
|
TR
|
AS42821
|
['akamai.darcherif.fr']
|
['.npmrc', 'id_rsa', 'discord_credentials.json', '.envrc', '.env.google', '.git/config', 'home/*/.aws/credentials', 'mailgun-credentials.json', 'secrets.yaml', '.env.brevo']
|
{"alert": ["3990001"], "deny": ["IPBLOCK-BURST4-128987", "IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
213.209.159.151
|
ip
|
All requests targeted highly sensitive configuration and credential files, were flagged by WAF, and triggered critical IPBLOCK-BURST4 deny rules.
|
2025-12-21 22:55:50
|
1
|
TR
|
AS42821
|
['akamai.darcherif.fr']
|
['.npmrc', 'id_rsa', 'discord_credentials.json', '.envrc', '.env.google', '.git/config', 'home/*/.aws/credentials', 'mailgun-credentials.json', 'secrets.yaml', '.env.brevo']
|
{"alert": ["3990001"], "deny": ["IPBLOCK-BURST4-128987", "IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
141.98.11.169
|
ip
|
High percentage of threat requests (76.9%) targeting 'wp-login.php' and triggering a brute-force alert. This IP's ASN (AS209605) is already blockliste...
|
2025-12-21 22:25:50
|
1
|
LT
|
AS209605
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
103.179.173.163
|
ip
|
High percentage of detected threat requests (84%) targeting 'wp-login.php' and triggering a brute-force alert. This behavior is consistent with other ...
|
2025-12-21 21:55:44
|
1
|
VN
|
AS135905
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
77.90.185.245
|
ip
|
High percentage of detected threat requests (87%) targeting 'wp-login.php' and triggering a brute-force alert. This IP's ASN (AS215476) and other IPs ...
|
2025-12-21 17:05:27
|
1
|
LT
|
AS215476
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
52.172.223.9
|
ip
|
All requests (100%) from this IP were flagged by WAF and targeted suspicious PHP files, triggering a critical 'IPBLOCK' deny rule. The associated ASN ...
|
2025-12-21 11:35:13
|
1
|
IN
|
AS8075
|
['akamai.darcherif.fr']
|
['astab.php', 'db.php', 'chosen.php', 'alfa-rex.php', 'geju.php', 'past.php', 'ahax.php', 'lv.php', 'lo.php', 'zwso.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
62.60.131.162
|
ip
|
All requests (100%) from this IP were flagged as threats, specifically targeting the sensitive '.git/config' path, indicating a high-confidence reconn...
|
2025-12-21 03:14:37
|
1
|
GB
|
AS208137
|
['akamai.darcherif.fr']
|
['', '.git/config']
|
{"alert": ["3990001"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
193.142.146.65
|
ip
|
High percentage of detected threat requests (66.67%) specifically targeting 'wp-login.php' and triggering a security alert indicative of brute-force a...
|
2025-12-20 19:24:13
|
1
|
NL
|
AS213438
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
13.229.199.18
|
ip
|
All requests (100%) from this IP were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule. Its associated ASN (AS16509) is already blo...
|
2025-12-20 07:23:34
|
1
|
SG
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
3%7e2c022104e7e56fbe
|
tls
|
TLS fingerprint detected probing 'wp-login.php', triggering a WAF alert (3900998) indicative of brute-force or credential stuffing attempts, consisten...
|
2025-12-19 11:42:24
|
1
|
LT
|
N/A
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
45.149.173.217
|
ip
|
Extensive WordPress enumeration and bot impersonation detected, triggering multiple WAF alerts and a critical 'IPBLOCK-BURST4' deny rule due to a very...
|
2025-12-19 11:22:19
|
1
|
US
|
AS62240
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
AS209605
|
asn
|
Multiple IPs from this ASN, including '91.224.92.93' and '91.224.92.99', are consistently performing brute-force and enumeration attacks on 'wp-login....
|
2025-12-19 09:42:14
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
91.224.92.93
|
ip
|
Multiple requests targeting 'wp-login.php', flagged by WAF, triggered brute-force alert '3900998', and associated ASN AS209605 has other IPs blocklist...
|
2025-12-19 09:42:14
|
1
|
LT
|
AS209605
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
209.38.29.70
|
ip
|
IP from blocklisted ASN AS14061 aggressively attempting Laravel and PHPUnit exploits, command injection, and local file inclusion by targeting sensiti...
|
2025-12-19 08:52:12
|
1
|
AU
|
AS14061
|
['akamai.darcherif.fr']
|
['', 'public/_ignition/execute-solution', 'vendor/laravel-filemanager/js/script.js', '.git/config', 'vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php', '_ignition/execute-solution', 'public/vendor/laravel-filemanager/js/script.js', '.env']
|
{"alert": ["3000171", "3000508", "3904000", "3904004", "3904005", "3904006", "3904010", "3904013", "3904020", "3904042", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR", "IPBLOCK-PENALTY-BOX"], "deny": ["CMD-INJECTION-ANOMALY", "LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
209.38.88.38
|
ip
|
IP from blocklisted ASN AS14061 aggressively attempting Laravel and PHPUnit exploits by targeting sensitive files, triggered a critical WAF deny rule,...
|
2025-12-19 07:02:04
|
1
|
AU
|
AS14061
|
['www.darcherif.fr']
|
['', 'vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php', '_ignition/execute-solution', 'public/_ignition/execute-solution']
|
{"alert": [], "deny": ["REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
170.64.219.248
|
ip
|
IP is aggressively attempting critical exploits (Laravel RCE, PHPUnit RCE, LFI, sensitive file disclosure) and triggered multiple critical WAF deny ru...
|
2025-12-19 04:01:53
|
1
|
AU
|
AS14061
|
['www.darcherif.fr']
|
['', 'public/_ignition/execute-solution', 'vendor/laravel-filemanager/js/script.js', '.git/config', 'vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php', '_ignition/execute-solution', 'public/vendor/laravel-filemanager/js/script.js', '.env']
|
{"alert": ["3000508"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
45.135.232.10
|
ip
|
All requests (100%) from this IP targeted known WordPress exploit paths ('xmlrpc.php', 'wp-login.php') and triggered multiple critical WAF deny rules ...
|
2025-12-19 02:11:46
|
1
|
RU
|
AS198953
|
['www.darcherif.fr']
|
['xmlrpc.php', 'wp-login.php']
|
{"alert": ["3000136", "961912"], "deny": ["IPBLOCK-PENALTY-BOX", "PLATFORM-ANOMALY", "POLICY-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
34.136.173.106
|
ip
|
IP belongs to AS396982, which is blocklisted for extensive WordPress enumeration, bot impersonation, and critical WAF deny rules, indicating a high ri...
|
2025-12-18 20:11:21
|
1
|
US
|
AS396982
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
AS215476
|
asn
|
High percentage (88.5%) of detected threat requests originating from this ASN, consistently targeting 'wp-login.php' and triggering security alerts fo...
|
2025-12-18 20:01:26
|
1
|
LT
|
AS215476
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
77.90.185.10
|
ip
|
High percentage (90%) of detected threat requests targeting 'wp-login.php', triggering security alerts indicative of brute-force attempts. Associated ...
|
2025-12-18 20:01:26
|
1
|
LT
|
AS215476
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
170.64.167.148
|
ip
|
IP from blocklisted ASN AS14061 aggressively attempting Laravel and PHPUnit exploits, command injection, and local file inclusion by targeting sensiti...
|
2025-12-18 13:31:04
|
1
|
AU
|
AS14061
|
['akamai.darcherif.fr']
|
['', 'public/_ignition/execute-solution', 'vendor/laravel-filemanager/js/script.js', '.git/config', 'vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php', '_ignition/execute-solution', 'public/vendor/laravel-filemanager/js/script.js', '.env']
|
{"alert": ["3000171", "3000508", "3904000", "3904004", "3904005", "3904006", "3904010", "3904013", "3904020", "3904042", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR", "IPBLOCK-PENALTY-BOX"], "deny": ["CMD-INJECTION-ANOMALY", "LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
114.119.146.15
|
ip
|
All requests (100%) were detected as threats, including probing 'wp-login.php', and the associated ASN (AS136907) is already blocklisted for similar m...
|
2025-12-18 03:30:22
|
1
|
SG
|
AS136907
|
['www.darcherif.fr']
|
['index.php/2020/05/13/industrial-cyber-security-evf-2019-alexandre-darcherif/', 'index.php/category/education/', 'index.php/2020/01/22/industry-4-0-concept-threat-landscape-and-security-challenges-of-smart-factories/', 'index.php/2020/01/24/industry-4-0-threat-landscape/', 'index.php/category/education', 'wp-login.php']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
185.177.72.8
|
ip
|
IP from blocklisted ASN AS211590, demonstrating bot-browser impersonation, multiple WAF alerts, and an exceptionally high number of detected threat re...
|
2025-12-17 23:50:15
|
1
|
FR
|
AS211590
|
['akamai.darcherif.fr']
|
['stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js', 'cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js', 'mail/jqBootstrapValidation.js', 'scripts.js', 'mpulse.js', 'cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js', 'cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/js/all.min.js']
|
{"alert": ["3904000", "3904001", "3904005", "3904007", "3904020", "3904021", "3904036", "3990004", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
34.187.144.195
|
ip
|
Extensive WordPress enumeration, bot impersonation, and high detected threat requests (127/27). Triggered critical WAF deny rule 'IPBLOCK-BURST4-31840...
|
2025-12-17 17:09:52
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['shop/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', '2020/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904021", "3904052", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
34.105.63.134
|
ip
|
IP performing extensive WordPress enumeration and bot impersonation, triggering critical WAF deny rules (IPBLOCK-BURST4-318403) and multiple bot alert...
|
2025-12-17 14:19:47
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['shop/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', '2020/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904021", "3904052", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
AS396982
|
asn
|
Associated IPs within this ASN are performing extensive WordPress enumeration and bot impersonation, triggering critical WAF deny rules like 'IPBLOCK-...
|
2025-12-17 11:39:36
|
1
|
US
|
AS396982
|
['www.darcherif.fr', 'akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904041", "3990003", "3990011", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
74.7.243.201
|
ip
|
High percentage of detected threat requests (75%) including suspicious and obfuscated paths, triggered WAF alert '3991023', and associated ASN AS8075 ...
|
2025-12-17 10:39:34
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['', 'index.php/category/cloud-security/', 'index.php/wp-json/wp/v2/categories/486', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'index.php/category/cloud-security/feed/']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
91.224.92.99
|
ip
|
Detected brute-force or credential stuffing attempts targeting 'wp-login.php', with WAF flagging the path and triggering security alert '3900998'. Ass...
|
2025-12-17 10:09:33
|
1
|
LT
|
AS209605
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7e643dc557cbaefec4
|
tls
|
All requests (100%) from this TLS fingerprint were detected as threats and flagged by WAF, triggering security alert 3990011, indicating highly malici...
|
2025-12-17 08:49:40
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.66.200
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert 3991006. The associated ASN (AS15169) is alrea...
|
2025-12-17 08:49:40
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.66.32
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert 3991006. The associated ASN (AS15169) is alrea...
|
2025-12-17 08:49:40
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
103.4.251.192
|
ip
|
High number of detected threat requests and multiple WAF alerts, including 'BOT-BROWSER-IMPERSONATOR', indicating automated malicious probing and expl...
|
2025-12-17 08:29:42
|
1
|
US
|
AS9009
|
['akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'https%3A/www.linkedin.com/in/startbootstrap', 'https%3A/www.facebook.com/StartBootstrap', '%23portfolio', '%23page-top', 'https%3A/www.dribble.com/startbootstrap', 'js/mpulse.js', 'https%3A/www.twitter.com/sbootstrap']
|
{"alert": ["3904005", "3904006", "3904013", "3904020", "3904042", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
3.139.75.95
|
ip
|
All requests (100%) were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule.
|
2025-12-17 08:29:42
|
1
|
US
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
3%7e0e32d71b0a15c3f7
|
tls
|
All requests (100%) associated with this TLS fingerprint were detected as threats and triggered a critical 'IPBLOCK' WAF deny rule.
|
2025-12-17 08:29:42
|
1
|
JP
|
N/A
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
194.180.49.171
|
ip
|
Aggressively targeted highly sensitive configuration and information files, triggering critical WAF deny rules including IPBLOCK-BURST4, LFI-ANOMALY, ...
|
2025-12-17 08:29:42
|
1
|
PL
|
AS201814
|
['akamai.darcherif.fr']
|
['_profiler/phpinfo', 'phpinfo', '.env.example', '.env.dev.local', 'test/info.php', '.git/config', 'public/.env', 'storage/.env', '.env', 'admin/info.php']
|
{"alert": ["3000126", "3000508"], "deny": ["IPBLOCK-BURST4-318403", "LFI-ANOMALY", "REP_1654542"]}
|
1.0
|
severity: Severity.critical
|
|
13.54.76.125
|
ip
|
All requests (100%) were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule.
|
2025-12-17 08:29:42
|
1
|
AU
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
34.75.103.206
|
ip
|
Extensive WordPress enumeration and bot impersonation attempts detected, triggering multiple WAF alerts and a critical 'IPBLOCK-BURST4' deny rule.
|
2025-12-17 08:29:42
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904041", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
54.206.119.170
|
ip
|
All requests (100%) were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule.
|
2025-12-17 08:29:42
|
1
|
AU
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
104.252.191.81
|
ip
|
High number of detected threat requests and multiple WAF alerts, including 'BOT-BROWSER-IMPERSONATOR', indicating automated malicious probing and expl...
|
2025-12-17 08:29:42
|
1
|
US
|
AS9009
|
['akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'js/scripts.js', 'assets/mail/jqBootstrapValidation.js', 'https%3A/www.linkedin.com/in/startbootstrap', 'https%3A/www.facebook.com/StartBootstrap', '%23portfolio', '%23page-top', 'https%3A/www.dribble.com/startbootstrap', 'js/mpulse.js', 'https%3A/www.twitter.com/sbootstrap']
|
{"alert": ["3904005", "3904006", "3904013", "3904020", "3904042", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
16.16.253.36
|
ip
|
All requests (100%) were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule.
|
2025-12-17 08:29:42
|
1
|
SE
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|