| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 22:27:29 | ignore | No suspicious activity detected. Traffic patterns are normal, no WAF flags or security rule hits observed. Entity is not malicious. | 1.0 | severity: Severity.low |
| 43.133.220.37 | ip | 2026-02-23 22:27:29 | ignore | No suspicious activity detected. Accessed paths are common for web browsing, no WAF flags or security rule hits observed. Entity is not malicious. | 1.0 | severity: Severity.low |
| 20.89.58.48 | ip | 2026-02-23 21:37:08 | block | Engaged in highly malicious activity, with all accessed paths flagged by WAF, numerous detected threat requests, and triggered WAF deny rules including IP blocking and bot impersonation. | 1.0 | severity: Severity.critical |
| 20.78.146.86 | ip | 2026-02-23 21:37:08 | block | Accessed suspicious PHP files and WordPress plugin directories commonly used in exploit attempts and reconnaissance, indicating malicious intent despite no direct WAF hits. | 0.800000011920929 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 21:37:08 | ignore | Only requested 'favicon.ico' with very few total requests, no detected threats, and no WAF rule hits, indicating normal benign browsing. | 0.949999988079071 | severity: Severity.low |
| 43.133.220.37 | ip | 2026-02-23 21:37:08 | ignore | Made very few requests to standard website paths (root and a blog post) with no detected threats or WAF rule hits, indicating benign user activity. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 19:56:37 | ignore | Entity shows no detected threat requests, WAF flags, or security rule hits. Only accessed a common favicon.ico. No evidence of malicious activity found. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 17:36:03 | ignore | No malicious activity detected. Entity accessed only favicon.ico, no WAF flags, security rule hits, or detected threat requests. Total requests are minimal. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 16:55:46 | ignore | Entity shows no signs of malicious activity. Only 5 requests made, all to 'favicon.ico'. No WAF flags or security rule hits reported. Associated with Akamai CDN. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 13:55:06 | ignore | No malicious activity detected; accessed standard website resources without triggering any WAF rules or threat detections. | 0.8999999761581421 | severity: Severity.low |
| 20.100.195.34 | ip | 2026-02-23 13:55:06 | block | Engaged in highly suspicious activity, attempting to access multiple potentially vulnerable PHP files. All requests were flagged as threats by the WAF and subsequently denied by an IP block rule. | 1.0 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 13:55:06 | ignore | Only accessed the favicon.ico file; no malicious activity or security alerts were detected. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 11:44:35 | ignore | No malicious activity detected; observed standard website access patterns, no WAF flags, and no security rule hits. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 11:44:35 | ignore | Limited activity observed (only favicon request); no malicious indicators, WAF flags, or security rule hits. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 11:34:21 | ignore | Analyzed IP shows no detected threat requests, WAF flags, or security rule hits. Accessed common WordPress files consistent with benign website interaction. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 11:34:21 | ignore | Only accessed favicon.ico; no malicious activity detected, no security alerts, and very low request count, indicative of benign traffic. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 11:24:12 | ignore | Analyzed access logs show no malicious activity, only requests for standard WordPress theme assets and images. No WAF flags or security rule hits were detected. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 11:24:12 | ignore | Only a single request for 'favicon.ico' observed. No suspicious activity, WAF flags, or security rule hits. Hostname 'akamai.darcherif.fr' suggests legitimate CDN traffic. | 0.9800000190734863 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 11:14:01 | ignore | No malicious activity detected; accessed standard WordPress paths; no WAF flags or security rule hits. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 11:14:01 | ignore | Minimal and benign activity (favicon.ico request); no malicious indicators; associated with CDN. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 11:03:53 | ignore | No malicious activity detected; accessed standard WordPress files without triggering any security alerts or WAF flags. Traffic pattern consistent with benign web crawling or user activity. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 11:03:53 | ignore | No malicious activity detected; only accessed 'favicon.ico' and no security rules were hit. Hostname indicates traffic through Akamai, suggesting benign CDN activity or a standard browser request. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 10:53:46 | ignore | No detected threats, WAF flags, or suspicious activity. Standard website access patterns observed for a WordPress site. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 10:53:46 | ignore | Accessing only favicon.ico via Akamai CDN. No suspicious activity detected. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 10:43:35 | ignore | No malicious activity detected. All accessed paths are common for a WordPress site, no WAF flags, and no security rule hits. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 10:43:35 | ignore | No malicious activity detected. Accessing only 'favicon.ico' via a legitimate Akamai hostname, no WAF flags, and no security rule hits. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 10:33:27 | ignore | No malicious activity, WAF flags, or security rule hits detected. Appears to be normal website access. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 10:33:27 | ignore | Legitimate Akamai CDN traffic accessing basic site files. No malicious indicators found. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 10:23:17 | ignore | No malicious activity detected. Accessing typical WordPress files; no WAF flags or security alerts. Not currently on watchlist but no reason to add. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 10:23:17 | ignore | Minimal activity (favicon request) with no malicious indicators, WAF flags, or security alerts. Appears to be a benign Akamai CDN request. Not currently on watchlist but no reason to add. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 10:13:07 | ignore | No malicious activity detected. Entity is accessing common WordPress files and there are no WAF flags or security rule hits. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 10:13:07 | ignore | Minimal requests (5 total), only accessed favicon.ico. No malicious activity detected, no WAF flags or security rule hits. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 10:03:00 | ignore | Analysis shows no detected threat requests, WAF flags, or security rule hits. Observed activity is consistent with normal web browsing or benign crawling of a WordPress site. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 10:03:00 | ignore | Only benign activity detected (favicon request). No threat requests, WAF flags, or security rule hits observed. | 0.9800000190734863 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 09:52:49 | ignore | No malicious activity detected; accessed standard WordPress paths without triggering security alerts or WAF flags. Likely benign web traffic. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 09:52:49 | ignore | Accessed only favicon.ico, which is common and benign browser or CDN activity. No detected threats or security alerts. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 09:42:40 | ignore | No suspicious activity detected. This IP address accessed typical website resources (WordPress files, images) with no WAF flags, detected threat requests, or security rule hits. Appears to be a legitimate user or bot accessing a website. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 09:42:40 | ignore | No suspicious activity detected. This IPv6 address made a minimal number of requests (5 total), only accessing 'favicon.ico', with no WAF flags, detected threat requests, or security rule hits. Appears to be benign activity. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 09:32:31 | ignore | No WAF flags, no detected threat requests, and no security rule hits. The accessed paths are typical for a regular user browsing a WordPress site. The existing AI confidence score of 0.6 and low severity are not substantiated by any malicious activity in the provided data. | 0.800000011920929 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 09:32:31 | ignore | Only accessed 'favicon.ico', which is a benign and common request. No WAF flags, no detected threat requests, and no security rule hits. The existing AI confidence score is very low (0.1), supporting removal from the watchlist. | 0.8999999761581421 | severity: Severity.low |
| 3%7eeebdc6ca9733c8c8 | tls | 2026-02-23 09:32:31 | block | TLS certificate associated with numerous WAF-flagged paths, including '.git/', indicating potential source code exposure attempts. High number of detected threat requests (43 vs 19 total requests) and hits on critical security rules such as 'SQL-INJECTION-ANOMALY' and 'IPBLOCK-PENALTY-BOX'. | 0.949999988079071 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-23 09:02:14 | watchlist | Accessed domain 'darcherif.fr' with similar 'akam' path pattern as a flagged IP in watchlist. Monitoring initiated due to contextual link to suspicious activity. | 0.6000000238418579 | severity: Severity.low |
| 199.127.56.236 | ip | 2026-02-23 09:02:14 | block | WAF flagged suspicious 'akam' path, security rule 3910001 triggered, and accessed a highly obfuscated/suspicious path. Clear indicators of malicious activity. | 0.949999988079071 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 09:02:14 | watchlist | Minimal benign activity (favicon.ico request) on a subdomain ('akamai.darcherif.fr') related to a domain ('darcherif.fr') that has shown suspicious activity from other IPs. Low confidence, but monitoring initiated for completeness. | 0.10000000149011612 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 08:51:55 | ignore | No new detected threats or WAF flags in recent activity, despite prior watchlist entry. | 0.8999999761581421 | severity: Severity.low |
| 199.127.56.236 | ip | 2026-02-23 08:51:55 | watchlist | One flagged request and a WAF alert, requiring further investigation. | 0.699999988079071 | severity: Severity.low |
| 2a09:bac5:cad2:1541::21e:163 | ip | 2026-02-23 08:51:55 | block | All requests flagged by WAF as threats, indicating active malicious activity, likely web shell or backdoor attempts. | 0.949999988079071 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 08:51:55 | ignore | No detected threats, WAF flags, or security rule hits. Only accessed favicon.ico. | 0.9900000095367432 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 08:41:47 | watchlist | Accessed multiple WordPress-related paths (22 requests) without explicit threat detections; activity could indicate reconnaissance or probing. | 0.6000000238418579 | severity: Severity.medium |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 08:41:47 | ignore | Extremely low and benign activity (5 requests for favicon.ico); no threat indicators observed. | 0.949999988079071 | severity: Severity.low |