|
136.118.224.227
|
ip
|
Extensive WordPress enumeration and bot impersonation attempts detected, with all accessed paths flagged by WAF, and triggered a critical WAF deny rul...
|
2026-02-03 17:27:22
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
176.65.132.163
|
ip
|
High percentage of detected threat requests (62.5%) targeting 'wp-login.php' and triggering a brute-force alert (3900998). Its associated ASN (AS51396...
|
2026-02-03 17:07:15
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
216.73.216.0
|
ip
|
High percentage of detected threat requests (75%), accessed 'robots.txt' flagged by WAF, triggered security alert '3991023', and its associated ASN (A...
|
2026-02-03 14:17:09
|
1
|
US
|
AS16509
|
['', 'www.darcherif.fr', 'akamai.darcherif.fr']
|
['', 'robots.txt']
|
{"alert": ["3991023"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
103.4.251.234
|
ip
|
Extremely high ratio of detected threat requests (54 over 13), all accessed paths flagged by WAF, and multiple critical security alerts including 'BOT...
|
2026-02-03 11:57:00
|
1
|
US
|
AS9009
|
['akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'js/scripts.js', 'assets/mail/jqBootstrapValidation.js', 'https%3A/www.linkedin.com/in/startbootstrap', 'https%3A/www.facebook.com/StartBootstrap', '%23portfolio', '%23page-top', 'https%3A/www.dribble.com/startbootstrap', 'js/mpulse.js', 'https%3A/www.twitter.com/sbootstrap']
|
{"alert": ["3904005", "3904006", "3904013", "3904020", "3904042", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
2a10:3c0:4:2:1:51:0:5
|
ip
|
Extremely high percentage of detected threat requests (90.9%), all accessed paths flagged by WAF (mcp, sse), and triggered security alert '3990001'. T...
|
2026-02-03 11:36:58
|
1
|
US
|
AS21859
|
['akamai.darcherif.fr']
|
['mcp', 'sse']
|
{"alert": ["3990001"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
68.183.180.73
|
ip
|
Aggressive reconnaissance targeting sensitive files and API documentation (e.g., '.git/config', '.env', 'server-status'), all requests flagged by WAF,...
|
2026-02-03 11:06:57
|
1
|
SG
|
AS14061
|
['akamai.darcherif.fr']
|
['server-status', '.git/config', 'graphql', 'server', 'v3/api-docs', '.env', 'v2/api-docs', 'swagger/swagger-ui.html', 'webjars/swagger-ui/index.html', '.vscode/sftp.json']
|
{"alert": ["3000508", "3990011", "IPBLOCK-PENALTY-BOX"], "deny": ["LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
167.71.175.236
|
ip
|
Aggressive reconnaissance targeting sensitive files and API documentation (e.g., '.git/config', '.env', 'server-status'), all requests flagged by WAF,...
|
2026-02-03 11:06:57
|
1
|
US
|
AS14061
|
['akamai.darcherif.fr']
|
['server-status', '.git/config', 'graphql', 'server', 'v3/api-docs', '.env', 'v2/api-docs', 'swagger/swagger-ui.html', 'webjars/swagger-ui/index.html', '.vscode/sftp.json']
|
{"alert": ["3000508", "3990011", "IPBLOCK-PENALTY-BOX"], "deny": ["LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
104.164.126.102
|
ip
|
Extremely high ratio of detected threat requests (54 over 13), almost all accessed paths flagged by WAF, and multiple critical security alerts includi...
|
2026-02-03 11:06:57
|
1
|
US
|
AS18779
|
['akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'js/scripts.js', 'assets/mail/jqBootstrapValidation.js', 'https%3A/www.linkedin.com/in/startbootstrap', 'https%3A/www.facebook.com/StartBootstrap', '%23portfolio', '%23page-top', 'https%3A/www.dribble.com/startbootstrap', 'js/mpulse.js', 'https%3A/www.twitter.com/sbootstrap']
|
{"alert": ["3904005", "3904006", "3904013", "3904020", "3904042", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
64.227.70.2
|
ip
|
Aggressive reconnaissance targeting sensitive files and API documentation (e.g., '.git/config', '.env', 'server-status'), all requests flagged by WAF,...
|
2026-02-03 11:06:57
|
1
|
NL
|
AS14061
|
['akamai.darcherif.fr', 'www.darcherif.fr']
|
['server-status', '.git/config', 'graphql', 'server', 'v3/api-docs', '.env', 'v2/api-docs', 'swagger/swagger-ui.html', 'webjars/swagger-ui/index.html', '.vscode/sftp.json']
|
{"alert": ["3000508", "3990011", "IPBLOCK-PENALTY-BOX"], "deny": ["3990011", "IPBLOCK-PENALTY-BOX", "LFI-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
174.101.186.59
|
ip
|
Triggered critical WAF deny rule 'IPBLOCK-BURST4-318403', with a high percentage (36.8%) of detected threat requests and multiple paths flagged by WAF...
|
2026-02-02 19:35:36
|
1
|
US
|
AS10796
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": [], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
2600:382:37f8:bba8:c8a0:48e5:1cb1:a2f1
|
ip
|
Triggered critical WAF deny rule 'IPBLOCK-BURST4-318403', indicating malicious activity despite a lower percentage of detected threat requests.
|
2026-02-02 19:35:36
|
1
|
US
|
AS7018
|
['', 'akamai.darcherif.fr']
|
['favicon.ico']
|
{"alert": [], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
2a10:3c0:100:0:1:1:0:5
|
ip
|
Extremely high ratio of detected threat requests (18 over 11 total requests), all accessed paths flagged by WAF, and multiple critical security alerts...
|
2026-02-02 19:35:36
|
1
|
US
|
AS211680
|
['akamai.darcherif.fr']
|
['', 'mcp', 'sse']
|
{"alert": ["3904000", "3904004", "3904006", "3904020", "3904036", "3904042", "3904053", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
44.222.230.102
|
ip
|
All requests (100%) from this IP were flagged as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. It...
|
2026-02-02 19:05:36
|
1
|
US
|
AS14618
|
['akamai.darcherif.fr']
|
['', 'favicon.png', 'favicon.ico']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
2a00:f2a0:0:f783::100
|
ip
|
High ratio of detected threat requests (~85.7%), the root path was flagged by WAF, and multiple critical security alerts including 'BOT-BROWSER-IMPERS...
|
2026-02-02 18:05:34
|
1
|
RU
|
AS12555
|
['www.darcherif.fr', 'akamai.darcherif.fr']
|
['']
|
{"alert": ["3904004", "3904006", "3904020", "3904042", "3904052", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
104.211.72.80
|
ip
|
IP belongs to AS8075, which is blocklisted for persistent malicious activity, and accessed suspicious PHP files consistent with prior attacks from thi...
|
2026-02-02 17:55:38
|
1
|
IN
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
136.114.98.158
|
ip
|
Extensive WordPress enumeration and bot impersonation attempts detected, with a very high number of detected threat requests (95 over 31 requests), al...
|
2026-02-02 09:04:40
|
1
|
US
|
AS396982
|
['akamai.darcherif.fr']
|
['wp1/wp-includes/wlwmanifest.xml', '2018/wp-includes/wlwmanifest.xml', 'wordpress/wp-includes/wlwmanifest.xml', 'news/wp-includes/wlwmanifest.xml', 'media/wp-includes/wlwmanifest.xml', 'sito/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": ["3904003", "3904006", "3904013", "3904020", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
109.105.210.88
|
ip
|
Extremely high number of detected threat requests (42 over 5 requests), all accessed sensitive paths flagged by WAF, and multiple critical security al...
|
2026-02-02 06:14:27
|
1
|
US
|
AS21859
|
['akamai.darcherif.fr']
|
['', 'login.do', 'aspera/faspex/', 'console']
|
{"alert": ["3904000", "3904004", "3904006", "3904013", "3904020", "3904036", "3904042", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.89.56.154
|
ip
|
Extremely high number of detected threat requests (478 over 74 requests), almost all accessed paths flagged by WAF, and multiple critical security ale...
|
2026-02-02 04:54:23
|
1
|
JP
|
AS8075
|
['akamai.darcherif.fr']
|
['lkj.php', 'co.php', 'wefile.php', 'classwithtostring.php', 'wp-includes/images/wp-login.php', 'obfuscate.php', 'img.php', '.well-known/index.php', 'tool.php', 'vx.php']
|
{"alert": ["3904001", "3904002", "3904003", "3904004", "3904006", "3904013", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
4.213.174.69
|
ip
|
Extremely high ratio of detected threat requests (1349/254), all accessed suspicious PHP and WordPress admin paths flagged by WAF, triggered multiple ...
|
2026-02-02 03:04:06
|
1
|
IN
|
AS8075
|
['akamai.darcherif.fr']
|
['server.php', 'bs2.php', 'sx.php', 'wp-load.php', 'yr.PHP', 'function.php', 'okxh.php', 'wp-admin/maint/admin.php', 'zwso.php', 'x.php']
|
{"alert": ["3904001", "3904002", "3904003", "3904004", "3904006", "3904013", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
185.177.72.22
|
ip
|
Extremely high ratio of detected threat requests (1643/1625), all accessed paths flagged by WAF, and multiple critical security deny rules triggered (...
|
2026-02-01 17:13:23
|
1
|
FR
|
AS211590
|
['www.darcherif.fr']
|
['api/files.remote.share', 'vendor/drupal/coder/.git/objects/info', 'phpinfomolten.php', 'config/env/sendgrid_keys.env', '.aws/secrets/', 'sendgrid.env', 'swagger/', 'actuator/', 'boxes/oracle-vagrant-boxes/ContainerRegistry/.env', 'default/.env']
|
{"alert": ["3000126", "3000508", "950203"], "deny": ["IPBLOCK-BURST4-128987", "IPBLOCK-SUMMARY8-128987", "LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
4.241.184.25
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed suspicious PHP and WordPress admin paths were flagged by WAF, and a critical '...
|
2026-02-01 13:12:49
|
1
|
JP
|
AS8075
|
['akamai.darcherif.fr']
|
['db.php', '.cache/x.php', 'wp-includes/blocks/', '.trash7309/f/', 'WordPress/x/', 'admin/function.php', 'doc.php', 'zwso.php', 'ahax.php', 'x.php']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
45.156.87.17
|
ip
|
IP is performing WordPress brute-force attempts targeting 'wp-login.php', with 50% threat requests and triggered WAF alert '3900998'. Its associated A...
|
2026-02-01 11:02:41
|
1
|
NL
|
AS51396
|
['www.darcherif.fr']
|
['wp-login.php']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
149.56.150.84
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3991017'. Its associated ASN (AS16276) is alr...
|
2026-01-31 20:41:44
|
1
|
CA
|
AS16276
|
['www.darcherif.fr']
|
['ads.txt', 'index.php/2023/04/27/ddos-what-is-it-how-does-it-work-and-how-to-be-protected/', '.well-known/security.txt', 'index.php/author/admin3157/', 'security.txt', 'llms.txt', 'index.php/category/cybersecurity/', 'index.php/2020/01/24/industry-4-0-threat-landscape/', 'sitemap.xml', 'index.php/2020/01/24/industry-4-0-corrupted-smart-factories-examples/']
|
{"alert": ["3991017"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
149.56.160.146
|
ip
|
High percentage of detected threat requests (~88.89%) and almost all accessed paths flagged by WAF, including a highly obfuscated suspicious path, tri...
|
2026-01-31 20:41:44
|
1
|
CA
|
AS16276
|
['', 'www.darcherif.fr']
|
['wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/themes/highlight/assets/js/theme-child.js', 'wp-includes/js/imagesloaded.min.js', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/uploads/2020/05/ConferenceIndiaCropped.png', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/highlight/assets/images/hero-2.jpg', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-content/uploads/2020/01/Czech-Republic-operation-Temelin-Nuclear-Power-Plant-2003-1024x669.jpg']
|
{"alert": ["3991017"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
141.98.10.134
|
ip
|
IP 141.98.10.134 is performing WordPress enumeration attempts against 'index.php/author/admin3157/', detected by WAF alert '3900998'. Its associated A...
|
2026-01-30 10:48:16
|
1
|
LT
|
AS209605
|
['www.darcherif.fr']
|
['']
|
{"alert": ["3900998"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
205.169.39.53
|
ip
|
Triggered critical WAF deny rule 'IPBLOCK-BURST4-318403', detected threat requests (5/19), accessed a suspicious path ('assets/e8318ad247f4935a64a6053...
|
2026-01-30 08:07:56
|
1
|
US
|
AS3356
|
['', 'akamai.darcherif.fr']
|
['assets/mail/contact_me.js', 'assets/mail/jqBootstrapValidation.js', 'js/scripts.js', 'assets/img/portfolio/submarine.png', 'assets/img/portfolio/safe.png']
|
{"alert": [], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
101.36.118.228
|
ip
|
Extremely high number of detected threat events (28 over 9 requests), all accessed paths flagged by WAF, and multiple critical security alerts includi...
|
2026-01-30 06:47:44
|
1
|
HK
|
AS135377
|
['akamai.darcherif.fr']
|
['', 'js/scripts.js', 'js/mpulse.js', 'assets/mail/jqBootstrapValidation.js']
|
{"alert": ["3904003", "3904005", "3904006", "3904007", "3904020", "3904036", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
152.32.131.118
|
ip
|
Extremely high number of detected threat events (16 over 5 requests), all accessed paths flagged by WAF, and multiple critical security alerts includi...
|
2026-01-30 06:47:44
|
1
|
HK
|
AS135377
|
['akamai.darcherif.fr']
|
['', 'assets/mail/jqBootstrapValidation.js', 'js/mpulse.js', 'js/scripts.js']
|
{"alert": ["3904003", "3904005", "3904006", "3904036", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
51.79.137.237
|
ip
|
All requests (100%) from this IP were detected as threats, targeting WordPress enumeration paths like 'wlwmanifest.xml' and 'xmlrpc.php', and triggere...
|
2026-01-29 02:45:00
|
1
|
SG
|
AS16276
|
['www.darcherif.fr']
|
['blog/wp-includes/wlwmanifest.xml', 'wp/wp-includes/wlwmanifest.xml', 'cms/wp-includes/wlwmanifest.xml', 'wp1/wp-includes/wlwmanifest.xml', 'wp-includes/wlwmanifest.xml', 'web/wp-includes/wlwmanifest.xml', 'website/wp-includes/wlwmanifest.xml', 'xmlrpc.php', 'news/wp-includes/wlwmanifest.xml', 'test/wp-includes/wlwmanifest.xml']
|
{"alert": [], "deny": ["REP_1654538"]}
|
1.0
|
severity: Severity.critical
|
|
146.19.24.116
|
ip
|
All requests (100%) from this IP were detected as threats and flagged by WAF, triggering security alert '3990001'. Its associated ASN (AS201814) is al...
|
2026-01-28 21:24:39
|
1
|
PL
|
AS201814
|
['akamai.darcherif.fr']
|
['', 'assets/mail/contact_me.js', 'js/scripts.js', 'js/mpulse.js']
|
{"alert": ["3990001"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
104.210.140.139
|
ip
|
All requests (100%) from this IP were detected as threats, the accessed path 'robots.txt' was flagged by WAF, and a critical 'IPBLOCK' deny rule was t...
|
2026-01-28 21:04:36
|
1
|
US
|
AS8075
|
['akamai.darcherif.fr', 'www.darcherif.fr']
|
['robots.txt']
|
{"alert": ["3991023"], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
64.225.8.2
|
ip
|
IP 64.225.8.2 is attempting local file inclusion by accessing sensitive '.env' files, triggering critical WAF deny rules (LFI-ANOMALY, REP_1654536), a...
|
2026-01-28 20:54:43
|
1
|
US
|
AS14061
|
['www.darcherif.fr']
|
['', '.env']
|
{"alert": ["3000508"], "deny": ["LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.11
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and security alert '3991006' was triggered. Its ass...
|
2026-01-28 20:44:40
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['', 'wp-content/themes/highlight/customizer/sections/content.css', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/highlight/style.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.165
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and security alert '3991006' was triggered. Its ass...
|
2026-01-28 20:44:40
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['', 'wp-content/themes/highlight/customizer/sections/content.css', 'wp-includes/js/imagesloaded.min.js', 'wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/highlight/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
66.249.66.74
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and security alert '3991006' was triggered. Its ass...
|
2026-01-28 20:44:40
|
1
|
US
|
AS15169
|
['www.darcherif.fr']
|
['wp-content/themes/mesmerize/assets/css/theme.bundle.min.css', 'wp-includes/js/wp-emoji-release.min.js', 'wp-includes/js/jquery/jquery.min.js', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css', 'wp-includes/js/jquery/jquery-migrate.min.js', 'wp-includes/css/dist/block-library/style.min.css', 'wp-content/themes/highlight/assets/js/theme-child.js']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
20.214.153.76
|
ip
|
IP belongs to blocklisted ASN AS8075, known for persistent malicious activity, and is probing suspicious PHP and WordPress paths, consistent with othe...
|
2026-01-28 13:24:18
|
1
|
KR
|
AS8075
|
['www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
46.29.238.105
|
ip
|
Accessed a highly obfuscated and suspicious path (rNiTG/9Z/...), consistent with other blocklisted IPs exhibiting similar malicious probing for exploi...
|
2026-01-28 12:24:09
|
1
|
NO
|
AS215540
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.8999999761581421
|
severity: Severity.critical
|
|
129.204.130.14
|
ip
|
Extremely high ratio of detected threat requests (81 for 9 total requests), all accessed paths were flagged by WAF, and multiple critical security ale...
|
2026-01-28 12:14:14
|
1
|
CN
|
AS45090
|
['akamai.darcherif.fr']
|
['', 'index.php', 'wp-json/', 'wp-json/wc/v3', 'magento_version', 'admin/']
|
{"alert": ["3904000", "3904001", "3904004", "3904006", "3904013", "3904020", "3904052", "3904053", "BOT-BROWSER-IMPERSONATOR"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
3.128.33.89
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and a critical 'IPBLOCK' deny rule was triggered. I...
|
2026-01-28 12:04:06
|
1
|
US
|
AS16509
|
['akamai.darcherif.fr']
|
['', 'apps', '_next/data', 'api/actions', 'api/action']
|
{"alert": [], "deny": ["IPBLOCK"]}
|
1.0
|
severity: Severity.critical
|
|
161.118.211.239
|
ip
|
Actively targeting sensitive WordPress admin and login paths, all requests flagged by WAF with multiple security alerts (including 'BOT-BROWSER-IMPERS...
|
2026-01-28 07:23:46
|
1
|
SG
|
AS31898
|
['akamai.darcherif.fr']
|
['', 'login', 'wp-admin/', 'admin', 'administrator/', 'register', 'wp-login.php', 'user/login']
|
{"alert": ["3904000", "3904001", "3904004", "3904006", "3904013", "3904023", "3904052", "3904053", "3990001", "BOT-BROWSER-IMPERSONATOR"], "deny": ["IPBLOCK-BURST4-318403"]}
|
1.0
|
severity: Severity.critical
|
|
37.77.150.124
|
ip
|
All requests (100%) from this IP targeted known WordPress exploit paths ('xmlrpc.php', 'wp-login.php') and triggered multiple critical WAF deny rules ...
|
2026-01-27 11:52:32
|
1
|
RU
|
AS198953
|
['www.darcherif.fr']
|
['xmlrpc.php', 'wp-login.php']
|
{"alert": ["3000136", "961912"], "deny": ["IPBLOCK-PENALTY-BOX", "PLATFORM-ANOMALY", "POLICY-ANOMALY"]}
|
1.0
|
severity: Severity.critical
|
|
96.41.38.202
|
ip
|
Detected threat requests, WAF flagged suspicious path, and triggered security alert indicate active malicious activity.
|
2026-01-27 09:02:27
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
91.98.176.9
|
ip
|
Detected threat requests, WAF flagged suspicious path, and triggered security alert indicate active malicious activity.
|
2026-01-27 09:02:27
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7e19BE7A78618186D4
|
tls
|
Detected threat requests, WAF flagged suspicious path, and triggered security alert indicate active malicious activity, correlated with another malici...
|
2026-01-27 09:02:27
|
1
|
N/A
|
N/A
|
[]
|
[]
|
{"alert": [], "deny": []}
|
0.9800000190734863
|
severity: Severity.critical
|
|
185.177.72.56
|
ip
|
This IP has a 100% threat request rate, triggered a critical reputation-based WAF deny rule (REP_1654536), and belongs to ASN AS211590, which is alrea...
|
2026-01-26 21:31:27
|
1
|
FR
|
AS211590
|
['www.darcherif.fr']
|
['']
|
{"alert": [], "deny": ["REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
205.169.39.20
|
ip
|
IP is part of blocklisted ASN AS3356, which has a history of widespread and persistent malicious activity from multiple IPs, warranting blocking of al...
|
2026-01-26 19:21:29
|
1
|
US
|
AS3356
|
['', 'www.darcherif.fr']
|
[]
|
{"alert": [], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
160.30.137.9
|
ip
|
Actively probing WordPress admin and login paths, with WAF alert 3900998 triggered, indicative of brute-force attempts, and originating from a high-ri...
|
2026-01-26 18:01:19
|
1
|
VN
|
AS150895
|
['www.darcherif.fr']
|
['', 'wp-json/wp/v2/users']
|
{"alert": ["3900998"], "deny": []}
|
0.949999988079071
|
severity: Severity.critical
|
|
185.177.72.52
|
ip
|
Aggressively probed highly sensitive configuration, credential, and exploit paths with all requests flagged by WAF, triggered multiple critical LFI, I...
|
2026-01-26 16:21:05
|
1
|
FR
|
AS211590
|
['www.darcherif.fr']
|
['api/files.remote.share', 'vendor/drupal/coder/.git/objects/info', 'phpinfomolten.php', 'config/env/sendgrid_keys.env', '.aws/secrets/', 'sendgrid.env', 'swagger/', 'actuator/', 'boxes/oracle-vagrant-boxes/ContainerRegistry/.env', 'default/.env']
|
{"alert": ["3000126", "3000508", "950203"], "deny": ["IPBLOCK-BURST4-128987", "LFI-ANOMALY", "REP_1654536"]}
|
1.0
|
severity: Severity.critical
|
|
157.55.39.203
|
ip
|
All requests (100%) from this IP were detected as threats, all accessed paths were flagged by WAF, and triggered security alert '3991006'. Its associa...
|
2026-01-26 13:10:56
|
1
|
US
|
AS8075
|
['www.darcherif.fr']
|
['wp-includes/js/wp-emoji-release.min.js', 'wp-includes/js/jquery/jquery.min.js', 'wp-content/themes/mesmerize/assets/js/theme.bundle.min.js', 'index.php/2020/01/22/industry-4-0-concept-threat-landscape-and-security-challenges-of-smart-factories/', 'wp-content/themes/mesmerize/style.min.css', 'wp-content/themes/highlight/style.min.css']
|
{"alert": ["3991006"], "deny": []}
|
1.0
|
severity: Severity.critical
|
|
34.116.135.1
|
ip
|
IP showed detected threat requests, a WAF flagged path, triggered a security alert, and its associated ASN AS396982 is already blocklisted for extensi...
|
2026-01-26 07:50:36
|
1
|
PL
|
AS396982
|
['', 'www.darcherif.fr']
|
['akam/13/pixel_5abb1b71']
|
{"alert": ["3910002"], "deny": []}
|
1.0
|
severity: Severity.critical
|