|
2.58.56.55
|
ip
|
IP accessed highly suspicious web shell paths ending in '.php.suspected', strongly indicating web shell upload or exploitation attempts. This is criti...
|
2026-02-10 23:58:52
|
1
|
NL
|
AS210558
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.19.120.248
|
ip
|
IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity. The accessed paths (e.g., system.php, functions.php, info.ph...
|
2026-02-10 20:08:41
|
1
|
FR
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
74.248.130.28
|
ip
|
IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity, and is actively probing highly suspicious PHP files and Word...
|
2026-02-10 19:18:37
|
1
|
PL
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
74.7.227.185
|
ip
|
Extremely high ratio of detected threat requests (75 out of 76), all accessed paths flagged by WAF, and its associated ASN AS8075 is already blocklist...
|
2026-02-10 16:18:16
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['index.php/wp-json/wp/v2/tags/5', 'index.php/category/industry-4-0/feed/', 'index.php/wp-json/wp/v2/tags/4', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'index.php/tag/industry-4-0/feed/', 'index.php/wp-json/wp/v2/posts/40', 'index.php/category/cybersecurity/', 'wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.ttf', 'index.php/wp-json/wp/v2/pages/25', 'wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.svg']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
2600:4041:58f4:7200:10b:144d:3ed7:48f0
|
ip
|
Triggered critical WAF deny rule 'IPBLOCK-BURST4-318403' with multiple paths flagged by WAF and a high threat request ratio (6/19), indicating severe ...
|
2026-02-10 14:58:21
|
1
|
US
|
AS701
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": [], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
45.74.10.74
|
ip
|
Extremely high ratio of detected threat requests (19 over 10 total requests), multiple accessed paths flagged by WAF, and several critical security al...
|
2026-02-10 09:07:52
|
1
|
ZW
|
AS213441
|
['akamai.darcherif.fr']
|
['', 'stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js', 'cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js']
|
{"alert": ["3904000", "3904001", "3904005", "3904006", "3904007", "3904020", "3904052", "3990007", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
2a09:bac5:cad4:1caa::2db:2a
|
ip
|
All requests (100%) from this IP were detected as threats, a critical WAF deny rule (IPBLOCK-BURST4-318403) was triggered, and its associated ASN AS13...
|
2026-02-10 06:17:38
|
1
|
US
|
AS13335
|
['akamai.darcherif.fr']
|
['chosen.php', 'dex.php', 'akcc.php', 'file2.php', 'wp-admin/css/index.php', 'zwso.php', 'ahax.php', 'bolt.php', 'wp-content/themes/style.php', 'wp-admin/txets.php']
|
{"alert": ["3990001"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
104.28.235.57
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and its associated ASN AS13335 is al...
|
2026-02-10 06:17:38
|
1
|
US
|
AS13335
|
['akamai.darcherif.fr']
|
['shlo.php', 'class-t.api.php', 'chosen.php', 'dex.php', 'akcc.php', 'file2.php', 'zwso.php', 'ahax.php', 'bolt.php', 'wp-content/themes/style.php']
|
{"alert": ["3990001"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.46.120.47
|
ip
|
IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity, including probing suspicious PHP files and WordPress admin p...
|
2026-02-10 04:37:57
|
1
|
JP
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
43.157.181.189
|
ip
|
Associated ASN AS132203 is blocklisted for confirmed persistent malicious activity.
|
2026-02-09 22:27:18
|
1
|
BR
|
AS132203
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
20.43.35.7
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-con...
|
2026-02-09 21:27:05
|
1
|
FR
|
AS8075
|
['akamai.darcherif.fr']
|
['ol.php', 'reze.php', 'past1.php', 'bk.php', 'wp-content/plugins/hellopress/wp_filemanager.php', 'jga.php', 'x.php', 'k.php', '166.php', '8xyz.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
172.59.76.191
|
ip
|
High percentage of detected threat requests (36.8%), multiple WAF flagged paths, and the triggering of critical WAF deny rules (IPBLOCK-BURST4-318403,...
|
2026-02-09 15:56:42
|
1
|
US
|
AS21928
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": [], "deny": ["IPBLOCK-BURST4-318403", "IPBLOCK-SUMMARY8-318403"]}
|
1.0
|
severity: Severity.critical
|
|
104.208.81.121
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-con...
|
2026-02-09 08:36:20
|
1
|
HK
|
AS8075
|
['akamai.darcherif.fr']
|
['1.php', 'ioxi002.PhP7', 'wp-class.php', 'plugin.php', 'wp-activate.php', 'system_log.php', 'wp-content/plugins/hellopress/wp_filemanager.php', 'up.php', 'file7.php', 'cc.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
209.97.162.190
|
ip
|
Extremely high ratio of detected threat requests (95 over 31 requests), all accessed WordPress enumeration paths ('wlwmanifest.xml') flagged by WAF, t...
|
2026-02-08 11:45:04
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
2a10:3c0:5:1:1:9:0:5
|
ip
|
Extremely high ratio of detected threat requests (90.9%), all non-trivial accessed paths (mcp, sse) flagged by WAF, and triggered security alert '3990...
|
2026-02-08 11:14:57
|
1
|
US
|
AS21859
|
['akamai.darcherif.fr']
|
['mcp', 'sse']
|
{"alert": ["3990001"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
AS21859
|
asn
|
Extremely high number of detected threat requests (100 over 54 total requests), widespread WAF flags across various paths including 'mcp' and 'sse', a...
|
2026-02-08 11:14:57
|
1
|
US
|
AS21859
|
['www.darcherif.fr', 'akamai.darcherif.fr']
|
['', 'mcp', 'sse']
|
{"alert": ["3904000", "3904004", "3904006", "3904013", "3904020", "3904036", "3904042", "3904053", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.205.200.255
|
ip
|
IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity. This IP is actively probing highly suspicious WordPress admi...
|
2026-02-08 08:34:53
|
1
|
SG
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
3%7eeed460c9d12572ae
|
tls
|
Extremely high number of detected threat events (121 over 20 requests), all accessed paths flagged by WAF, and multiple critical security alerts inclu...
|
2026-02-08 01:04:21
|
1
|
NL
|
N/A
|
['akamai.darcherif.fr']
|
['', 'login', 'license.txt', 'aspera/faspex/', 'console', 'cf_scripts/scripts/ajax/ckeditor/ckeditor.js', 'solr/', 'login.do', 'owa/', 'wp-json']
|
{"alert": ["3904000", "3904004", "3904005", "3904006", "3904013", "3904020", "3904036", "3904042", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
216.73.216.4
|
ip
|
High percentage of detected threat requests (66.67%), accessed WAF-flagged paths ('robots.txt'), triggered security alert '3991023', and accessed high...
|
2026-02-07 22:24:13
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
174.78.6.84
|
ip
|
Triggered a critical WAF deny rule 'IPBLOCK-BURST4-318403', showed a high percentage of detected threat requests (36.8%), and accessed a suspicious ob...
|
2026-02-07 17:54:06
|
1
|
US
|
AS22773
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'akam/13/pixel_117686f9', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": ["3910006"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
2a10:3c0:3:0:1:46:0:5
|
ip
|
High percentage of detected threat requests (80%), all non-trivial accessed paths (mcp, sse) flagged by WAF, and triggered security alert '3990001'. T...
|
2026-02-07 17:33:57
|
1
|
NL
|
AS21859
|
['akamai.darcherif.fr']
|
['mcp', 'sse']
|
{"alert": ["3990001"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.220.144.75
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule w...
|
2026-02-07 16:33:54
|
1
|
CA
|
AS8075
|
['akamai.darcherif.fr']
|
['lkj.php', 'geju.php', 'ak.php', 'img.php', '54.php', 't.php', '35.php', 'system123.php', 'xs.php', '155.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
206.189.87.51
|
ip
|
IP is performing WordPress brute-force attempts, indicated by access to wp-login.php and WAF alert '3900998'. Its associated ASN AS14061 is already bl...
|
2026-02-07 15:13:48
|
1
|
SG
|
AS14061
|
['www.darcherif.fr']
|
['', 'wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
45.149.173.211
|
ip
|
Extremely high number of detected threat requests (89 over 25 requests), all accessed WordPress enumeration paths flagged by WAF, and multiple critica...
|
2026-02-07 11:23:36
|
1
|
US
|
AS62240
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
45.156.128.178
|
ip
|
Extremely high ratio of detected threat requests (47 over 7 total requests), all accessed paths flagged by WAF, and multiple critical security alerts ...
|
2026-02-07 09:33:28
|
1
|
NL
|
AS211680
|
['akamai.darcherif.fr']
|
['', 'license.txt', 'aspera/faspex/', 'console', 'solr/', 'wp-json']
|
{"alert": ["3904000", "3904004", "3904006", "3904020", "3904036", "3904042", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.110.243.199
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-con...
|
2026-02-07 09:13:31
|
1
|
US
|
AS8075
|
['akamai.darcherif.fr']
|
['classwithtostring.php', 'app.php', 'reze.php', 'bgymj.php', 'wwx.php', 'bnn_.php', 'wp-content/plugins/hellopress/wp_filemanager.php', 'ws38.php', '166.php', 'uploaxa1.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
20.187.78.62
|
ip
|
IP belongs to AS8075, which is extensively blocklisted for persistent malicious activity, including probing suspicious PHP files and WordPress admin p...
|
2026-02-07 07:53:35
|
1
|
HK
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
24.126.4.95
|
ip
|
IP 24.126.4.95 triggered a critical WAF deny rule ('IPBLOCK-BURST4-318403') and generated multiple WAF alerts, with a high percentage of detected thre...
|
2026-02-06 18:32:38
|
1
|
US
|
AS33657
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'favicon.ico', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png', 'akam/13/pixel_1190a7fc']
|
{"alert": ["3910002"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
193.143.1.12
|
ip
|
The IP 193.143.1.12 from Russia (RU) shows an extremely high rate of detected threat requests (84 over 21 total), engaged in aggressive WordPress enum...
|
2026-02-06 15:12:28
|
1
|
RU
|
AS198953
|
['akamai.darcherif.fr']
|
['cms/wp-includes/wlwmanifest.xml', 'shop/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'feed/', '2019/wp-includes/wlwmanifest.xml', 'xmlrpc.php', '2020/wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml', '2021/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904020", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
52.167.144.171
|
ip
|
High percentage of detected threat requests (~85.7%), numerous WAF flags including an obfuscated and suspicious path, and its associated ASN (AS8075) ...
|
2026-02-06 12:42:09
|
1
|
US
|
AS8075
|
['', 'www.darcherif.fr']
|
['wp-includes/js/imagesloaded.min.js', 'wp-includes/js/masonry.min.js', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
52.167.144.187
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991006'. Its associated ASN (AS8075) is alre...
|
2026-02-06 12:42:09
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['wp-includes/js/wp-emoji-release.min.js', 'wp-includes/js/jquery/jquery.min.js', 'index.php/feed/', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-768x502.jpg']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.110.170.61
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files including a known WordPress File Manager exploit ('wp-con...
|
2026-02-06 08:32:03
|
1
|
US
|
AS8075
|
['akamai.darcherif.fr']
|
['classwithtostring.php', 'app.php', 'reze.php', 'bgymj.php', 'wwx.php', 'bnn_.php', 'wp-content/plugins/hellopress/wp_filemanager.php', 'ws38.php', '166.php', 'uploaxa1.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
73.98.29.196
|
ip
|
Triggered a critical WAF deny rule 'IPBLOCK-BURST4-318403' indicating a burst of malicious activity, and detected security alert '3910006' for an obfu...
|
2026-02-05 19:21:17
|
1
|
US
|
AS33654
|
['', 'akamai.darcherif.fr']
|
['akam/13/pixel_6600b21e', 'assets/mail/contact_me.js', 'js/scripts.js', 'assets/mail/jqBootstrapValidation.js', 'favicon.ico']
|
{"alert": ["3910006"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
167.172.232.142
|
ip
|
Aggressive reconnaissance for sensitive files and API documentation, all requests flagged by WAF, extremely high threat request ratio (63 over 35 requ...
|
2026-02-05 12:40:35
|
1
|
US
|
AS14061
|
['akamai.darcherif.fr']
|
['server-status', '.git/config', 'graphql', 'server', 'v3/api-docs', '.env', 'v2/api-docs', 'swagger/swagger-ui.html', 'webjars/swagger-ui/index.html', '.vscode/sftp.json']
|
{"alert": ["3000508", "3990011", "IPBLOCK-PENALTY-BOX"], "deny": ["LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
142.93.0.66
|
ip
|
Aggressive reconnaissance for sensitive files and API documentation, all requests flagged by WAF, extremely high threat request ratio (62 over 35 requ...
|
2026-02-05 12:40:35
|
1
|
US
|
AS14061
|
['akamai.darcherif.fr']
|
['server-status', '.git/config', 'graphql', 'server', 'v3/api-docs', 'v2/api-docs', '.env', 'swagger/swagger-ui.html', 'webjars/swagger-ui/index.html', '.vscode/sftp.json']
|
{"alert": ["3000508", "3990011", "IPBLOCK-PENALTY-BOX"], "deny": ["LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
45.148.10.154
|
ip
|
Extremely high ratio of detected threat requests (111 over 14 requests), all accessed sensitive version control system files (.svn, .git) were flagged...
|
2026-02-05 01:59:54
|
1
|
AD
|
AS48090
|
['akamai.darcherif.fr']
|
['', 'assets/mail/contact_me.js', 'js/scripts.js', 'assets/mail/jqBootstrapValidation.js', '.svn/entries', 'js/mpulse.js', '.svn/wc.db', '.git/config']
|
{"alert": ["3904000", "3904001", "3904002", "3904003", "3904004", "3904005", "3904006", "3904020", "3904023", "3904028", "3904052", "3904053", "3904055", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.202
|
ip
|
High percentage of detected threat requests (60%), all accessed suspicious paths flagged by WAF, and triggered security alert '3991006'. Its associate...
|
2026-02-05 01:29:53
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
52.184.97.233
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP files were flagged by WAF, and a critical 'IPBLOCK' deny rule w...
|
2026-02-04 23:19:39
|
1
|
HK
|
AS8075
|
['akamai.darcherif.fr']
|
['ah25.php', 'db.php', 'chosen.php', 'wp-wso.php', 'stindex.php', 'sd.php', 'gettest.php', 'oller.php', 'sad5.php', 'x.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
51.195.103.76
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991006'. Its associated ASN (AS16276) is alr...
|
2026-02-04 18:29:24
|
1
|
DE
|
AS16276
|
['www.darcherif.fr']
|
['index.php/category/cloud-security/', 'robots.txt', 'index.php/category/non-classe/', 'index.php/category/cybercrime/', 'index.php/2020/01/22/industry-4-0-concept-threat-landscape-and-security-challenges-of-smart-factories/', 'index.php/category/cyberattacks/', 'index.php/2020/01/24/industry-4-0-threat-landscape/']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
43.164.195.17
|
ip
|
High percentage of detected threat requests (40%), all accessed non-empty paths flagged by WAF, and triggered security alert '3900999', consistent wit...
|
2026-02-04 16:29:19
|
1
|
BR
|
AS132203
|
['', 'www.darcherif.fr']
|
['akam/13/51672fff', 'akam/13/5d10ddae']
|
{"alert": ["3900999"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
167.71.198.160
|
ip
|
IP is actively performing WordPress enumeration and bot impersonation, with an extremely high number of detected threat requests (34 over 6 requests) ...
|
2026-02-04 11:58:50
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['', 'blog/', 'wordpress/', 'wp/', 'xmlrpc.php', 'blog/robots.txt']
|
{"alert": ["3904003", "3904013", "3904020", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.211.1.249
|
ip
|
IP belongs to AS8075, which is blocklisted for persistent malicious activity. This IP is actively probing highly suspicious WordPress administration a...
|
2026-02-04 11:48:48
|
1
|
AU
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
AS64286
|
asn
|
Multiple associated IPs are performing malicious probing by accessing WAF-flagged obfuscated paths and triggering security alert '3910006', indicating...
|
2026-02-04 10:28:43
|
1
|
US
|
AS64286
|
['', 'www.darcherif.fr']
|
['akam/13/pixel_2eb3b1d8', 'akam/13/pixel_2eb3b2db', 'akam/13/pixel_69827dcf']
|
{"alert": ["3910006"], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
149.57.176.44
|
ip
|
Accessed a WAF-flagged obfuscated path ("akam/13/pixel_2eb3b2db") and triggered security alert '3910006', a pattern consistent with malicious probing ...
|
2026-02-04 10:28:43
|
1
|
US
|
AS64286
|
['', 'www.darcherif.fr']
|
['akam/13/pixel_2eb3b2db']
|
{"alert": ["3910006"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
149.57.191.228
|
ip
|
Accessed a WAF-flagged obfuscated path ("akam/13/pixel_69827dcf") and triggered security alert '3910006', a pattern consistent with malicious probing ...
|
2026-02-04 10:28:43
|
1
|
US
|
AS64286
|
['', 'www.darcherif.fr']
|
['akam/13/pixel_69827dcf']
|
{"alert": ["3910006"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
149.57.191.20
|
ip
|
Accessed a WAF-flagged obfuscated path ("akam/13/pixel_2eb3b1d8") and triggered security alert '3910006', a pattern consistent with malicious probing ...
|
2026-02-04 09:28:40
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.8500000238418579
|
severity: Severity.critical
|
|
205.169.39.29
|
ip
|
Accessed a WAF-flagged obfuscated path ("akam/13/2f321e7e") and triggered security alert '3900999', consistent with other blocklisted IPs from its ass...
|
2026-02-04 09:28:40
|
1
|
US
|
AS3356
|
['', 'www.darcherif.fr']
|
['akam/13/2f321e7e']
|
{"alert": ["3900999"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
74.7.230.8
|
ip
|
This IP shows 100% detected threat requests, accessed a WAF-flagged path 'robots.txt', and its associated ASN (AS8075) is already blocklisted for pers...
|
2026-02-04 06:48:32
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
74.7.228.59
|
ip
|
All requests (100%) from this IP were detected as threats, the accessed path 'robots.txt' was flagged by WAF, and a critical 'IPBLOCK' deny rule was t...
|
2026-02-04 06:38:31
|
1
|
US
|
AS8075
|
['akamai.darcherif.fr']
|
['robots.txt']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
216.81.248.41
|
ip
|
Extremely high ratio of detected threat requests (36 for 6 total requests), all accessed highly sensitive configuration and version control paths flag...
|
2026-02-03 18:57:27
|
1
|
US
|
AS11320
|
['akamai.darcherif.fr']
|
['.gitlab-cli.yml', '.git/config.bak', '.git/config', 'package.json', '.git/config.backup', '.git/config.old']
|
{"alert": ["3904000", "3904001", "3904004", "3904006", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|