|
185.117.225.176
|
ip
|
The IP address triggered a WAF deny rule (IPBLOCK-BURST4-318403) and was associated with 22 detected threat requests, indicating a high likelihood of ...
|
2026-03-06 09:29:32
|
1
|
US
|
AS14618
|
['akamai.darcherif.fr']
|
['css/heading.css', 'js/mpulse.js', 'css/styles.css', 'assets/img/avataaars.svg', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/circus.png', 'assets/img/portfolio/cake.png', 'assets/img/portfolio/safe.png', 'assets/img/portfolio/cabin.png', 'assets/img/portfolio/game.png']
|
{"alert": ["3990001", "3990011"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.220.232.101
|
ip
|
All 151 requests were flagged by WAF as detected threats, accessing suspicious paths (e.g., PHP web shells, administrative probes), and explicitly tri...
|
2026-03-06 01:18:10
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['sx.php', 'ha.php', 'plugins/Cache/footer.php', 'admin/function.php', 'css/colors/blue/index.php', 'htaccess.php', 'zwso.php', 'lv.php', 'wp-admin/maint/admin.php', 'x.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
159.54.153.72
|
ip
|
Repeated access to 'wp-login.php', a common target for brute-force attacks, from a geographically distinct IP address. This indicates a high likelihoo...
|
2026-03-05 22:17:38
|
1
|
MX
|
AS31898
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8500000238418579
|
severity: Severity.medium
|
|
216.73.216.24
|
ip
|
Observed highly suspicious and obfuscated paths accessed, a high ratio of detected threat requests (4 out of 6), and triggered a security alert rule (...
|
2026-03-05 22:07:31
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.66.162
|
ip
|
All requests (6/6) from this IP address were flagged by WAF and triggered security rule '3991006', indicating active malicious scanning or attack atte...
|
2026-03-05 17:06:38
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-includes/js/masonry.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
192.109.200.98
|
ip
|
Active enumeration and attack attempts against WordPress site, including wp-admin, user enumeration via REST API, and login attempts. WAF flagged mali...
|
2026-03-05 12:35:54
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
['', 'wp-json/wp/v2/users']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.151.11.236
|
ip
|
Highly malicious activity detected: 100% of requests flagged by WAF, multiple suspicious PHP files accessed indicative of web shell attempts or compro...
|
2026-03-05 11:45:39
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['X57.php', 'elabel.php', 'wp-content/cong.php', '2.php', 'wp-admin/js/fi.php', 'sty.php', 'gettest.php', 'miansha.php', 'wp-includes/css/dist/', 'x.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
AS212238
|
asn
|
This ASN is a source of high-volume malicious bot traffic, repeatedly attempting WordPress vulnerability scans and triggering multiple WAF denial rule...
|
2026-03-05 05:04:21
|
1
|
US
|
AS212238
|
['akamai.darcherif.fr', 'akamai.darcherif.fr:80']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904058", "3904065", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.8999999761581421
|
severity: Severity.critical
|
|
169.150.203.249
|
ip
|
High volume of detected threat requests, including bot impersonation and repeated WordPress vulnerability scanning attempts, triggering multiple WAF d...
|
2026-03-05 05:04:21
|
1
|
US
|
AS212238
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
2a10:3c0:5:0:1:22:0:5
|
ip
|
This IP initiated 12 requests, all of which were detected as threats and flagged by WAF across all accessed paths. Multiple security rules (3990001, 3...
|
2026-03-05 02:23:42
|
1
|
US
|
AS21859
|
['akamai.darcherif.fr']
|
['mcp', 'sse', 'favicon.ico']
|
{"alert": ["3990001", "3990011"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
192.109.200.129
|
ip
|
Attempted WordPress user enumeration and login brute-force reconnaissance via 'wp-json/wp/v2/users' and 'wp-login.php'.
|
2026-03-04 18:02:21
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.83.184.153
|
ip
|
High volume of suspicious WordPress vulnerability scans and bot-like activity detected, including browser impersonation and multiple WAF denials due t...
|
2026-03-04 13:41:39
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.66.8
|
ip
|
All 5 requests from this IP were flagged by WAF as detected threats, triggering security rule '3991006'.
|
2026-03-04 08:10:05
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-content/themes/highlight/customizer/sections/content.css', 'wp-includes/js/jquery/jquery.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/highlight/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
34.142.251.255
|
ip
|
Attempted access to sensitive configuration files (.env) and server information (phpinfo), triggering multiple WAF deny rules including LFI-ANOMALY.
|
2026-03-04 03:59:01
|
1
|
SG
|
AS396982
|
['www.darcherif.fr']
|
['', 'phpinfo', 'phpinfo.php', 'info.php', 'api/.env', '.env', 'config/.env']
|
{"alert": ["3000508"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
36.77.30.228
|
ip
|
Multiple attempts to access sensitive configuration files (`.aws/credentials`, `.env/.env.bak`), `phpinfo` pages, and a Local File Inclusion (LFI) ano...
|
2026-03-04 00:58:15
|
1
|
ID
|
AS7713
|
['akamai.darcherif.fr']
|
['', 'assets/mail/contact_me.js', '.aws/credentials', 'js/scripts.js', 'index.php', 'js/mpulse.js', '.env/.env.bak']
|
{"alert": ["3000508", "3990001", "IPBLOCK-PENALTY-BOX"], "deny": ["LFI-ANOMALY"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
137.116.32.109
|
ip
|
Multiple attempts to access sensitive WordPress files and exploit vulnerabilities (e.g., wp_filemanager.php), confirmed bot activity, and multiple WAF...
|
2026-03-03 23:07:34
|
1
|
US
|
AS8075
|
['akamai.darcherif.fr']
|
['wp-configss.php', 'ba.php', '222.php', 'wp-mail.php', 't00l.php', 'config.php', 'wp-content/plugins/hellopress/wp_filemanager.php', 'wp-mails.php']
|
{"alert": ["3904001", "3904002", "3904003", "3904004", "3904006", "3904013", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.169.219.136
|
ip
|
Repeated access to sensitive or vulnerable paths like 'cgi-bin/', 'wp-content/plugins/WordPressCore/', and 'wp-trackback.php', indicative of reconnais...
|
2026-03-03 19:16:37
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.78.169.245
|
ip
|
Accessed multiple highly suspicious PHP files (e.g., moon.php, xx.php, wp_filemanager.php, wp-content/plugin.php) commonly associated with webshells, ...
|
2026-03-03 17:26:03
|
1
|
JP
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
152.42.227.161
|
ip
|
Repeated WAF alerts, bot impersonation, multiple threat detections, and attempts to access WordPress enumeration paths (wlwmanifest.xml).
|
2026-03-03 16:45:26
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['shop/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', '2020/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904021", "3904044", "3904052", "3904058", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
20.203.144.173
|
ip
|
All requests (169 out of 169) were flagged as threats and denied by IPBLOCK rule. Attempted access to highly suspicious PHP files indicative of web sh...
|
2026-03-03 16:45:26
|
1
|
CH
|
AS8075
|
['akamai.darcherif.fr']
|
['nhr.php', 'mcs.php', 'olfclass.php', 'gool.php', 'zxin.php', 'sty.php', 'ebahvhhh.php', 'ws60.php', 'X7x.php', 'public/hi.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
20.63.96.50
|
ip
|
100% of requests are detected threats, accessing known webshell/backdoor paths ('wp-admin/maint/bal.php', 'info.php', 'wp-content/cc13.php', etc.), an...
|
2026-03-03 11:33:37
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['wp-admin/maint/bal.php', 'info.php', 'wp-content/cc13.php', 'X57.php', 'chosen.php', 't00l.php', 'gettest.php', 'mjq.php', 'wp-setting.php', 'wp-admin/maint/admin.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
74.7.175.191
|
ip
|
All requests were detected as threats (5/5) and a WAF flagged a probing attempt on robots.txt. A security alert was also triggered.
|
2026-03-03 10:12:42
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
172.59.155.234
|
ip
|
Exhibiting confirmed malicious activity including WAF flags ('akam/13/pixel_d6b97e'), detected threat requests, and security rule hits (3910006 alert)...
|
2026-03-03 08:02:12
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
74.7.243.214
|
ip
|
Extremely high ratio of detected threat requests (13 out of 14), multiple WAF flags, and access to highly suspicious, obfuscated paths indicating pote...
|
2026-03-03 06:11:41
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['', 'index.php/category/cloud-security/', 'index.php/category/non-classe/', 'index.php/category/cybercrime/', 'index.php/author/admin3157/', 'index.php/2020/01/22/industry-4-0-concept-threat-landscape-and-security-challenges-of-smart-factories/', 'index.php/category/cyberattacks/', 'index.php/2020/01/24/industry-4-0-threat-landscape/']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
158.158.41.149
|
ip
|
All 115 requests from this IP address were detected as threats, accessing suspicious PHP files commonly associated with web shell activities or malici...
|
2026-03-03 03:51:07
|
1
|
ES
|
AS8075
|
['akamai.darcherif.fr']
|
['lib.php', 'kj.php', 'sc.php', 'X57.php', 'fot.php', 'logs.php', 'wp-blogs.php', 'gettest.php', 'ws60.php', 'work.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
13.71.189.74
|
ip
|
Repeated attempts to access known web shell paths and vulnerable plugin files. All requests (100%) were detected as threats, flagged by WAF, and the I...
|
2026-03-02 19:19:26
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['wp-content/plugins/pwnd/acp.php', 'muzu.php', 'asf.php', 'acp.php', 'Okxob.php', 'wp-includes/SimplePie/cah.php', 'wp-content/plugins/hellopress/wp_filemanager.php', '011i.php', 'as1337.php', 'trx24.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
0.9800000190734863
|
severity: Severity.critical
|
|
20.220.211.108
|
ip
|
Accessed multiple suspicious paths commonly associated with vulnerability scanning or exploitation attempts on a WordPress site (e.g., classwithtostri...
|
2026-03-02 14:58:10
|
1
|
CA
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
20.104.206.150
|
ip
|
All 41 requests were detected as threats, all accessed paths were flagged by WAF, and the IP hit a security 'IPBLOCK' deny rule. Paths accessed are in...
|
2026-03-02 11:47:24
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['defaults.php', 'wp-load.php', 'aj.php', 't00l.php', 'license.php', 'browse.php', 'tiny.php', 'wp-xmlmp.php', 'function.php', 'blog.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
2.58.56.62
|
ip
|
This IP is identified as a bot impersonator actively scanning for WordPress vulnerabilities (wlwmanifest.xml). It has a high percentage of threat-dete...
|
2026-03-02 10:36:52
|
1
|
NL
|
AS210558
|
['akamai.darcherif.fr']
|
['site/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'wp2/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'shop/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', '2019/wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
75.245.42.183
|
ip
|
Multiple WAF flags on accessed paths, 6 out of 19 requests detected as threats, and triggered an IPBLOCK-BURST4 security rule indicating automated mal...
|
2026-03-02 07:45:20
|
1
|
US
|
AS6167
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": [], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
34.118.53.115
|
ip
|
WAF flagged path 'akam/13/pixel_45aa0933' and triggered security alert 3910002. Detected 1 threat request.
|
2026-03-02 05:34:51
|
1
|
PL
|
AS396982
|
['', 'www.darcherif.fr']
|
['akam/13/pixel_45aa0933']
|
{"alert": ["3910002"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
45.156.87.52
|
ip
|
Accessing sensitive WordPress paths like '/wp-json/wp/v2/users' and '/wp-login.php' suggests user enumeration and brute-force attempts.
|
2026-03-02 05:34:51
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8500000238418579
|
severity: Severity.critical
|
|
20.219.132.149
|
ip
|
This IP is actively accessing multiple highly suspicious PHP file names and WordPress-related paths commonly associated with web shells, backdoors, or...
|
2026-03-01 21:03:04
|
1
|
IN
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8500000238418579
|
severity: Severity.critical
|
|
104.28.246.113
|
ip
|
This IP address is associated with highly suspicious activity, including requests to common web shell paths and 100% detected threat requests. WAF rul...
|
2026-03-01 17:12:07
|
1
|
US
|
AS13335
|
['akamai.darcherif.fr']
|
['akcc.php', 'abcd.php', 'blurbs.php', 'class-t.api.php', 'shelp.php', 'file.php', 'gifclass.php', 'wp-includes/style.php', 'wp-content/themes/style.php', 'chosen.php']
|
{"alert": ["3990001"], "deny": ["IPBLOCK-SUMMARY8-318403"]}
|
1.0
|
severity: Severity.critical
|
|
2a09:bac5:952b:1cd2::2df:73
|
ip
|
This IPv6 address exhibits highly malicious behavior, accessing numerous suspicious PHP paths indicative of web shell activity or exploitation attempt...
|
2026-03-01 17:12:07
|
1
|
US
|
AS13335
|
['akamai.darcherif.fr']
|
['chosen.php', 'dex.php', 'akcc.php', 'file2.php', 'wp-admin/css/index.php', 'ahax.php', 'zwso.php', 'bolt.php', 'wp-content/themes/style.php', 'wp-admin/txets.php']
|
{"alert": ["3990001"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
141.98.11.209
|
ip
|
High volume of detected threat requests targeting wp-login.php, flagged by WAF and triggered security alerts, indicative of a brute-force or credentia...
|
2026-03-01 15:41:18
|
1
|
LT
|
AS209605
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
40.85.219.62
|
ip
|
Accessed multiple suspicious web application paths (e.g., PHP backdoors, WordPress exploit attempts) on www.darcherif.fr, indicating potential reconna...
|
2026-03-01 11:00:29
|
1
|
CA
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
45.141.233.210
|
ip
|
Suspicious activity detected: attempted access to 'wp-login.php' which was flagged by WAF, a high proportion of threat requests (4 out of 7 total), an...
|
2026-03-01 08:07:54
|
1
|
NL
|
AS201814
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
169.150.203.202
|
ip
|
Highly malicious activity detected: numerous WAF flags for WordPress enumeration attempts ('wlwmanifest.xml'), a very high number of detected threat r...
|
2026-03-01 08:07:54
|
1
|
US
|
AS212238
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904058", "3904065", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
0.9800000190734863
|
severity: Severity.critical
|
|
20.151.2.242
|
ip
|
All 143 requests detected as threats, accessing highly suspicious PHP files indicative of webshells or malicious scripts, and previously denied by an ...
|
2026-03-01 05:47:09
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['opotv.php', 'wp-includes/IXR/pu9.php', 'info.php', 'wp-content/cc13.php', 'X57.php', 'gems.php', 'chosen.php', 'gettest.php', 'wp-admin/maint/admin.php', 'wp-setting.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
0.9800000190734863
|
severity: Severity.critical
|
|
144.217.135.195
|
ip
|
A high percentage of requests (24/27) were flagged by WAF and detected as threats (rule 3991017), including access to suspicious obfuscated paths.
|
2026-03-01 01:16:18
|
1
|
NL
|
AS16276
|
['', 'www.darcherif.fr']
|
['wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js', 'wp-includes/js/imagesloaded.min.js', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/uploads/2020/05/ConferenceIndiaCropped.png', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/highlight/assets/images/hero-2.jpg', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-1024x669.jpg']
|
{"alert": ["3991017"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
74.7.244.27
|
ip
|
All requests (5/5) were flagged by WAF and detected as threats (rule 3991023), indicating highly malicious activity.
|
2026-03-01 01:16:18
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
216.73.216.189
|
ip
|
A significant portion of requests (4/6) were detected as threats by WAF (rule 3991023) and involved access to highly suspicious obfuscated paths.
|
2026-03-01 01:16:18
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
144.217.135.151
|
ip
|
All requests (19/19) were flagged by WAF and detected as threats (rule 3991017), indicating highly malicious activity.
|
2026-03-01 01:16:18
|
1
|
NL
|
AS16276
|
['www.darcherif.fr']
|
['ads.txt', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', '.well-known/security.txt', 'index.php/author/admin3157/', 'security.txt', 'llms.txt', 'index.php/category/cybersecurity/', 'index.php/2020/01/24/industry-4-0-threat-landscape/', 'sitemap.xml', 'index.php/2020/01/24/industry-4-0-corrupted-smart-factories-examples/']
|
{"alert": ["3991017"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
45.156.129.177
|
ip
|
All 7 requests triggered WAF alerts, targeting common exploitation paths like wp-json, solr, and cgi-bin. This suggests aggressive scanning or attack ...
|
2026-02-28 20:55:12
|
1
|
US
|
AS211680
|
['akamai.darcherif.fr']
|
['', 'wp-json', 'solr/', 'cgi-bin/authLogin.cgi']
|
{"alert": ["3990011"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
45.156.129.176
|
ip
|
All 8 requests triggered WAF alerts, targeting sensitive paths like cgi-bin, console, and solr. This indicates malicious scanning or exploitation atte...
|
2026-02-28 20:55:12
|
1
|
US
|
AS211680
|
['akamai.darcherif.fr']
|
['', 'cgi-bin/authLogin.cgi', 'aspera/faspex/', 'favicon.ico', 'console', 'solr/']
|
{"alert": ["3990011"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
45.156.129.178
|
ip
|
All 9 requests triggered WAF alerts, indicating malicious activity targeting system files and login interfaces. This points to reconnaissance and pote...
|
2026-02-28 20:55:12
|
1
|
US
|
AS211680
|
['akamai.darcherif.fr']
|
['', 'license.txt', 'static/historypage.js', 'favicon.ico', 'WebInterface/', 'login.do']
|
{"alert": ["3990011"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
64.89.163.10
|
ip
|
Repeated attempts to access non-standard PHP files (e.g., 'txets.php', 'schallfuns.php') in WordPress core directories, indicative of web shell access...
|
2026-02-28 18:43:59
|
1
|
DE
|
AS401626
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
51.158.204.94
|
ip
|
All 18 requests from this IP were detected as threats and denied by WAF (REP_1654536), targeting common WordPress enumeration paths (wlwmanifest.xml)....
|
2026-02-28 16:52:27
|
1
|
NL
|
AS12876
|
['www.darcherif.fr']
|
['shop/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', '2020/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": [], "deny": ["REP_1654536"]}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.151.205.221
|
ip
|
The IP accessed multiple highly suspicious paths commonly associated with WordPress exploitation attempts and webshells, indicating an active attack. ...
|
2026-02-28 13:01:33
|
1
|
CA
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|