|
74.7.242.31
|
ip
|
IP from blocklisted ASN AS8075 with 100% threat requests, all paths flagged by WAF, and triggered security alert '3991023', indicating persistent mali...
|
2025-12-28 00:04:41
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['index.php/2020/01/24/', '2020/', '2020/01/24/', '2020/01/', 'index.php/2020/', 'index.php/2020/01/']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
205.169.39.11
|
ip
|
IP from ASN AS3356, which has multiple IPs blocklisted for accessing suspicious/obfuscated paths. This IP exhibits similar behavior with a WAF-flagged...
|
2025-12-27 19:24:27
|
1
|
US
|
AS3356
|
['', 'www.darcherif.fr']
|
['akam/13/2f321df0']
|
{"alert": ["3900999"], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
13.211.133.155
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2025-12-27 12:54:06
|
1
|
AU
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
3.26.215.6
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2025-12-27 11:34:05
|
1
|
AU
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
87.251.78.138
|
ip
|
Extremely high number of detected threat events (60 over 10 requests), all accessed paths flagged by WAF, and multiple security alerts including 'BOT-...
|
2025-12-27 11:04:00
|
1
|
RU
|
AS199785
|
['akamai.darcherif.fr']
|
['', 'assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'js/mpulse.js']
|
{"alert": ["3904000", "3904001", "3904004", "3904005", "3904006", "3904020", "3904038", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
16.176.222.217
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2025-12-27 07:03:48
|
1
|
AU
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
2600:3c00::2000:72ff:fe7b:3e96
|
ip
|
Accessed a highly obfuscated and suspicious path (cMzmRHv2McZmnWgO3JrScmKtz0o/1Dw3GczYaVuVQN/Qk1QICE/KR9JTB/QVeC0), strongly indicating malicious prob...
|
2025-12-27 05:33:47
|
1
|
US
|
AS63949
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
16.176.215.135
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2025-12-27 05:33:47
|
1
|
AU
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.66
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and security alert '3991006' was triggered. This be...
|
2025-12-27 02:53:38
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['robots.txt', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-includes/css/dist/block-library/style.min.css', 'index.php/2020/01/24/industry-4-0-corrupted-smart-factories-examples/']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
45.86.202.100
|
ip
|
Aggressively probing sensitive PHP info files and configuration files (.env), with all accessed paths flagged by WAF, triggering critical IP block bur...
|
2025-12-26 21:13:20
|
1
|
DE
|
AS206092
|
['akamai.darcherif.fr']
|
['phpinfo', 'admin/phpinfo.php', 'pinfo.php', 'i.php', 'phpinfo.php', 'info.php', 'php_version.php', 'pi.php', 'php_info.php', '.env']
|
{"alert": ["3000508", "3904000", "3904001", "3904004", "3904006", "3904020", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403", "LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
45.86.202.87
|
ip
|
Aggressively probing sensitive PHP info files and configuration files (.env.example), with almost all accessed paths flagged by WAF, triggering a crit...
|
2025-12-26 21:13:20
|
1
|
DE
|
AS206092
|
['akamai.darcherif.fr']
|
['test.php', 'php.php', '_profiler/phpinfo', 'phpinfo', '.env.example', 'i.php', 'phpinfo.php', 'info.php', 'pi.php', 'php_info.php']
|
{"alert": ["3904000", "3904001", "3904006", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
20.37.218.115
|
ip
|
All requests (100%) from this IP were flagged by WAF, accessed suspicious PHP and admin files, and triggered a critical 'IPBLOCK' deny rule. Its assoc...
|
2025-12-26 17:13:04
|
1
|
AU
|
AS8075
|
['akamai.darcherif.fr']
|
['nox.php', 'click.php', 'cka.php', 'sx.php', 'ha.php', 'plugins/Cache/footer.php', 'css/colors/blue/index.php', 'htaccess.php', 'lv.php', 'wp-admin/maint/admin.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
141.98.11.23
|
ip
|
IP is performing WordPress brute-force attempts targeting 'wp-login.php' and triggered a WAF alert (3900998). This IP's ASN (AS209605) is already bloc...
|
2025-12-26 16:02:56
|
1
|
LT
|
AS209605
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
216.73.216.215
|
ip
|
High percentage of detected threat requests (66.67%), triggered WAF alert '3991023', accessed highly obfuscated and suspicious paths, and belongs to A...
|
2025-12-26 12:22:46
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt', 'index.php/2020/01/22/industry-4-0-concept-threat-landscape-and-security-challenges-of-smart-factories/']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
136.117.243.55
|
ip
|
IP performing extensive WordPress enumeration and bot impersonation, triggered a critical WAF deny rule (IPBLOCK-BURST4-318403), and belongs to ASN AS...
|
2025-12-26 10:22:40
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "3904041", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
205.169.39.7
|
ip
|
Accessed a highly obfuscated and suspicious path, consistent with other blocklisted IPs (205.169.39.14, 205.169.39.58) from the same ASN (AS3356) that...
|
2025-12-26 09:12:31
|
1
|
US
|
AS3356
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
99.79.31.5
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2025-12-26 09:02:26
|
1
|
CA
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
152.42.219.118
|
ip
|
IP is performing extensive WordPress enumeration and bot impersonation, triggered a critical WAF deny rule (IPBLOCK-BURST4-318403), and belongs to ASN...
|
2025-12-26 03:22:08
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
45.135.232.178
|
ip
|
IP is performing WordPress enumeration and brute-force attacks, targeting 'xmlrpc.php' and 'wp-login.php'. All accessed paths were flagged by WAF, and...
|
2025-12-26 01:11:58
|
1
|
RU
|
AS198953
|
['www.darcherif.fr']
|
['xmlrpc.php', 'wp-login.php']
|
{"alert": ["961912"], "deny": ["IPBLOCK-PENALTY-BOX", "POLICY-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
54.245.191.67
|
ip
|
All requests from this IP were flagged as threats and by WAF, targeting WordPress enumeration paths, and triggering a reputation-based deny rule. Its ...
|
2025-12-26 00:51:56
|
1
|
US
|
AS16509
|
['www.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": [], "deny": ["REP_1654538"]}
|
1.0
|
severity: Severity.critical
|
|
45.156.129.102
|
ip
|
All accessed paths were flagged by WAF, and multiple security alerts including 'BOT-BROWSER-IMPERSONATOR' were triggered, indicating persistent automa...
|
2025-12-25 22:31:50
|
1
|
US
|
AS211680
|
['akamai.darcherif.fr']
|
['', 'favicon.ico']
|
{"alert": ["3904000", "3904004", "3904006", "3904020", "3904036", "3904042", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
78.142.18.43
|
ip
|
High percentage of detected threat requests (66.67%) specifically targeting 'wp-login.php' and triggering a security alert (3900998) indicative of bru...
|
2025-12-25 20:51:40
|
1
|
NL
|
AS213438
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
217.113.194.247
|
ip
|
All requests from this IP were detected as threats and flagged by WAF, triggering a security alert, indicating persistent malicious probing or automat...
|
2025-12-25 12:51:13
|
1
|
FR
|
AS210743
|
['www.darcherif.fr']
|
['index.php/tag/cps/', 'index.php/tag/iot/feed/', 'index.php/tag/industry-4-0/', 'index.php/feed/', 'index.php/category/cyberattacks/feed/', 'index.php/category/cyberattacks/']
|
{"alert": ["3991020"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
161.97.92.68
|
ip
|
This IP targeted sensitive configuration files (.env), triggered critical WAF deny rules including LFI-ANOMALY and a reputation-based block (REP_16545...
|
2025-12-25 09:31:03
|
1
|
DE
|
AS51167
|
['www.darcherif.fr']
|
['', '.env']
|
{"alert": ["3000508"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
13.229.87.61
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2025-12-25 09:11:00
|
1
|
SG
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
195.178.110.156
|
ip
|
All requests from this IP targeted sensitive configuration files and triggered multiple critical WAF deny rules, including LFI-ANOMALY, IPBLOCK, and r...
|
2025-12-24 21:00:20
|
1
|
AD
|
AS48090
|
['akamai.darcherif.fr']
|
['app/config.php', 'src/.env', 'public/.env', 'production/.env', 'admin/config.php', 'config/sendgrid.json', '.env', 'frontend/.env', 'config/config.json', 'client/.env']
|
{"alert": ["3000126", "3000508"], "deny": ["IPBLOCK", "IPBLOCK-BURST4-318403", "LFI-ANOMALY", "REP_1654542"]}
|
1.0
|
severity: Severity.critical
|
|
AS51396
|
asn
|
All requests from this ASN targeted highly sensitive files and known exploit paths (.env, .git/config, server.js), triggered multiple critical WAF den...
|
2025-12-24 18:20:08
|
1
|
NL
|
AS51396
|
['akamai.darcherif.fr']
|
['server.js', 'app.js', 'composer.json', 'info.php', 'db.php', 'database.php', '.gitconfig', '_sec/cp_challenge/challenge', '.git/config', '.env']
|
{"alert": ["3000126", "3000508", "3904003", "3904004", "3904005", "3904006", "3904053", "BOT-BROWSER-IMPERSONATOR", "IPBLOCK-PENALTY-BOX"], "deny": ["IPBLOCK-BURST4-318403", "LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
45.153.34.212
|
ip
|
All requests from this IP were flagged by WAF, targeting sensitive configuration files and known exploit paths (.git/config, .env, wp-config.php), and...
|
2025-12-24 18:00:07
|
1
|
NL
|
AS51396
|
['akamai.darcherif.fr']
|
['appsettings.json', 'wp-config.php', 'config.php', '_sec/cp_challenge/challenge', '.git/config', 'phpinfo.php', 'info.php', 'server.js', '.env', 'app.js']
|
{"alert": ["3000126", "3000508", "3904003", "3904004", "3904005", "3904006", "3904053", "BOT-BROWSER-IMPERSONATOR", "IPBLOCK-PENALTY-BOX"], "deny": ["IPBLOCK-BURST4-318403", "LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
136.107.98.35
|
ip
|
Extensive WordPress enumeration and bot impersonation attempts detected, triggering a critical 'IPBLOCK-BURST4' deny rule. Associated ASN AS396982 is ...
|
2025-12-24 15:09:55
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
13.212.151.30
|
ip
|
All requests (100%) from this IP were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule. Its associated ASN (AS16509) is already blo...
|
2025-12-24 10:49:34
|
1
|
SG
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
13.218.151.84
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered, in...
|
2025-12-24 04:59:12
|
1
|
US
|
AS14618
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
202.8.42.45
|
ip
|
Extremely high percentage of detected threat requests (82.35%) and all accessed paths were flagged by WAF, triggering security alert '3991008', indica...
|
2025-12-24 02:59:05
|
1
|
US
|
AS140577
|
['', 'www.darcherif.fr']
|
['wp-includes/js/jquery/jquery.min.js', 'wp-includes/js/masonry.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991008"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7eb88045f633bfc7f7
|
tls
|
Very high percentage (94.4%) of requests associated with this TLS fingerprint were detected as threats and flagged by WAF, triggering alert '3991006'....
|
2025-12-23 14:48:23
|
1
|
US
|
N/A
|
['', 'www.darcherif.fr']
|
['wp-includes/css/dist/block-library/style.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js', 'wp-includes/js/imagesloaded.min.js', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
40.77.167.27
|
ip
|
All requests (100%) from this IP were flagged by WAF and triggered security alert '3991006'. The associated ASN (AS8075) is already blocklisted for pe...
|
2025-12-23 14:48:22
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['', 'wp-includes/js/jquery/jquery.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
52.167.144.218
|
ip
|
High percentage (88.8%) of requests from this IP were flagged by WAF and triggered security alert '3991006'. It also accessed a highly obfuscated path...
|
2025-12-23 14:48:22
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['wp-includes/js/imagesloaded.min.js', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003.jpg', 'wp-includes/js/masonry.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
130.33.54.201
|
ip
|
All requests (100%) from this IP were flagged by WAF, accessed suspicious PHP files and admin paths, and triggered a critical 'IPBLOCK' deny rule. Its...
|
2025-12-23 13:18:15
|
1
|
JP
|
AS8075
|
['akamai.darcherif.fr']
|
['sx.php', 'ha.php', 'plugins/Cache/footer.php', 'admin/function.php', 'css/colors/blue/index.php', 'htaccess.php', 'zwso.php', 'lv.php', 'wp-admin/maint/admin.php', 'x.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
34.58.41.77
|
ip
|
IP is performing extensive WordPress enumeration, bot impersonation, and triggered a critical WAF deny rule (IPBLOCK-BURST4-318403) due to a burst of ...
|
2025-12-23 08:28:02
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
205.169.39.58
|
ip
|
Accessed a highly obfuscated and suspicious path (-mN-Pzl2I/...), strongly indicating malicious probing or attempted exploitation, despite no direct W...
|
2025-12-23 06:57:58
|
1
|
US
|
AS3356
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
205.169.39.14
|
ip
|
Accessed a highly obfuscated and suspicious path (-mN-Pzl2I/...), strongly indicating malicious probing or attempted exploitation, despite no direct W...
|
2025-12-23 06:57:58
|
1
|
US
|
AS3356
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
2a07:e05:3:35::1
|
ip
|
All requests (100%) from this IP were flagged by WAF, triggering multiple security alerts including 'BOT-BROWSER-IMPERSONATOR', and demonstrating mali...
|
2025-12-22 21:57:26
|
1
|
US
|
AS400587
|
['akamai.darcherif.fr']
|
['', 'assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'js/mpulse.js']
|
{"alert": ["3904003", "3904004", "3904005", "3904006", "3904023", "3904037", "3904042", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
3.9.114.107
|
ip
|
All requests (100%) from this IP were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule. Its associated ASN (AS16509) is already blo...
|
2025-12-22 19:07:15
|
1
|
GB
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.201
|
ip
|
All requests (100%) from this IP were detected as threats, flagged by WAF, and triggered security alert 3991006, consistent with the blocklisted ASN A...
|
2025-12-22 16:47:09
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['', 'wp-includes/js/imagesloaded.min.js', 'wp-includes/js/jquery/jquery.min.js', 'wp-includes/js/masonry.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.33
|
ip
|
All requests (100%) from this IP were detected as threats, flagged by WAF, and triggered security alert 3991006, consistent with the blocklisted ASN A...
|
2025-12-22 16:47:09
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-content/themes/highlight/customizer/sections/content.css', 'robots.txt', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
77.90.185.12
|
ip
|
IP from blocklisted ASN AS215476, with a high percentage (85.7%) of threat requests targeting 'wp-login.php' and triggering a brute-force alert, consi...
|
2025-12-22 15:07:01
|
1
|
LT
|
AS215476
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
13.229.89.63
|
ip
|
All requests (100%) from this IP were flagged as threats and triggered a critical 'IPBLOCK' WAF deny rule. Its associated ASN (AS16509) is already blo...
|
2025-12-22 10:46:49
|
1
|
SG
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
157.230.46.137
|
ip
|
IP is performing WordPress enumeration and bot impersonation, has an extremely high number of detected threat requests, and belongs to ASN AS14061, wh...
|
2025-12-22 10:26:48
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['', 'blog/', 'wordpress/', 'wp/', 'xmlrpc.php', 'blog/robots.txt']
|
{"alert": ["3904003", "3904013", "3904020", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
114.119.151.146
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991006', consistent with blocklisted ASN AS1...
|
2025-12-22 09:26:42
|
1
|
SG
|
AS136907
|
['www.darcherif.fr']
|
['index.php/category/industry-4-0/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', 'index.php/category/education/', 'index.php/author/admin3157/', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected', 'index.php/category/society/']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
213.35.96.205
|
ip
|
All requests from this IP targeted sensitive WordPress admin/login paths, were flagged by WAF, triggered multiple security alerts including 'BOT-BROWS...
|
2025-12-22 08:46:41
|
1
|
SG
|
AS31898
|
['akamai.darcherif.fr']
|
['', 'login', 'admin', 'wp-admin/', 'administrator/', 'register', 'wp-login.php', 'user/login']
|
{"alert": ["3904000", "3904001", "3904004", "3904006", "3904013", "3904020", "3904023", "3904052", "3904053", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
138.197.152.229
|
ip
|
All requests from this IP were flagged by WAF, triggered critical LFI-ANOMALY and reputation-based deny rules, and its associated ASN AS14061 is alrea...
|
2025-12-22 08:06:40
|
1
|
CA
|
AS14061
|
['www.darcherif.fr']
|
['alfa-rex.php', '.tmb/class_api.php', 'wso112233.php', 'nf_tracking.php', 'doc.php', 'wp-admin/user/xmrlpc.php', 'wp-includes/images/about.php', 'blog.php', 'wp-includes/assets/wp-trackback.php', 'wp-content/ccx/index.php']
|
{"alert": ["3000126"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
3%7e2d3399e1bbf557f5
|
tls
|
All requests associated with this TLS fingerprint were flagged by WAF, triggered critical LFI-ANOMALY and reputation-based deny rules, and accessed hi...
|
2025-12-22 08:06:40
|
1
|
CA
|
N/A
|
['www.darcherif.fr']
|
['alfa-rex.php', '.tmb/class_api.php', 'wso112233.php', 'nf_tracking.php', 'doc.php', 'wp-admin/user/xmrlpc.php', 'wp-includes/images/about.php', 'blog.php', 'wp-includes/assets/wp-trackback.php', 'wp-content/ccx/index.php']
|
{"alert": ["3000126"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|