| 173.211.0.229 | ip | 2026-02-23 08:31:35 | ignore | No detected threat requests, WAF flags, or security rule hits. Observed activity involves common WordPress file access, indicating benign browsing or indexing. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 08:31:35 | ignore | Minimal activity (5 requests for favicon.ico) via Akamai CDN. No detected threats, WAF flags, or security rule hits. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 08:21:22 | ignore | No suspicious activity detected; traffic consists of legitimate WordPress resource requests and Akamai pixel loads. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 08:21:22 | ignore | Only accessed favicon.ico; no suspicious activity or threat indicators observed. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 08:11:15 | ignore | No malicious activity detected. All requests appear to be legitimate web traffic to a WordPress site, including static assets and typical site scripts. No WAF flags or security rule hits were recorded, and no threat requests were detected. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 08:11:15 | ignore | No malicious activity detected. The entity made a very limited number of requests, primarily for a favicon. No WAF flags, security rule hits, or detected threat requests were observed. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 08:01:06 | ignore | No suspicious activity detected. All requests are for standard website resources. No WAF flags or security rule hits. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 08:01:06 | ignore | No suspicious activity detected. Only requests for a favicon. No WAF flags or security rule hits. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 06:30:35 | ignore | No malicious activity detected; accessed common WordPress paths with no WAF flags or threat alerts. Behavior is consistent with normal website browsing. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 06:30:35 | ignore | Minimal activity (favicon request only), no detected threats or WAF flags. This appears to be a benign CDN-related request. | 1.0 | severity: Severity.low |
| 104.210.140.137 | ip | 2026-02-23 05:40:19 | block | All requests detected as threats; WAF flagged suspicious access to robots.txt; Security rule 3991023 hit. | 0.949999988079071 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-23 05:40:19 | ignore | No threats detected, no WAF flags, and no security rule hits. Activity appears to be normal website browsing. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 05:40:19 | ignore | Only accessed favicon.ico; no threats detected, no WAF flags, and no security rule hits. Activity appears benign. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 04:19:57 | ignore | No malicious activity detected; accessed standard WordPress resources without triggering security alerts. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 04:19:57 | ignore | Minimal activity (only favicon.ico access) with no security incidents detected. | 0.8999999761581421 | severity: Severity.low |
| 89.187.187.74 | ip | 2026-02-23 04:19:57 | block | Engaged in extensive WordPress vulnerability scanning attempts (wlwmanifest.xml), triggered multiple WAF flags, identified as a bot impersonator, and was explicitly denied by security rules (IPBLOCK-BURST4). | 0.9900000095367432 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-23 04:09:49 | ignore | No malicious activity detected. This IP accessed static WordPress content, including themes, plugins, and uploads, without triggering any WAF flags, threat detections, or security rule hits. Behavior is consistent with benign web traffic. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-23 04:09:49 | ignore | No malicious activity detected. This IPv6 address only requested 'favicon.ico' and is associated with 'akamai.darcherif.fr', suggesting it is a legitimate Akamai CDN/proxy performing benign checks. No WAF flags or threat detections. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-23 02:49:28 | ignore | This IP, currently on the watchlist, showed no detected threats or WAF flags across 22 requests. The accessed paths appear legitimate for a WordPress site, and the initial AI assessment was low confidence and severity. | 0.8500000238418579 | severity: Severity.low |
| 68.221.129.30 | ip | 2026-02-23 02:49:28 | block | All 92 requests from this IP were flagged by WAF as threats and hit an IPBLOCK deny rule. The accessed paths indicate potential web shell activity or vulnerability scanning. | 0.9800000190734863 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-22 23:28:45 | watchlist | Accessed standard WordPress assets. No direct malicious activity observed, but the associated domain 'www.darcherif.fr' is linked to a known malicious IP in the watchlist, warranting continued observation. | 0.5 | severity: Severity.low |
| 20.89.40.149 | ip | 2026-02-22 23:28:45 | block | Engaging in highly suspicious reconnaissance and potential exploitation attempts, indicated by requests to non-standard PHP files (e.g., 'ioxi-o.php', 'chosen.php', 'sf.php'), probe for 'cgi-bin/', and unusual plugin directory access ('wp-content/plugins/WordPressCore/'). Matches previous medium severity AI assessment. | 0.949999988079071 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 23:28:45 | ignore | Only accessed 'favicon.ico' with a very low request count. No malicious activity detected, indicating benign bot or browser behavior. | 0.8999999761581421 | severity: Severity.low |
| 104.46.226.22 | ip | 2026-02-22 22:18:19 | block | 100% of requests are flagged as threats and hit an IPBLOCK rule. All accessed paths are suspicious and flagged by WAF. | 1.0 | severity: Severity.critical |
| 172.213.17.83 | ip | 2026-02-22 22:18:19 | block | Extremely high number of detected threat requests (766 detected threats for 176 requests), multiple WAF alerts, IPBLOCK rule hit, and identified as a bot impersonator. All accessed paths are suspicious and flagged by WAF. | 1.0 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-22 22:18:19 | ignore | No detected threats, no WAF flags, and accessing common website resources. Appears to be legitimate traffic. | 0.8999999761581421 | severity: Severity.low |
| 20.89.40.149 | ip | 2026-02-22 22:18:19 | watchlist | No detected threats or WAF flags, but some accessed paths ('wp-admin/css/', 'cgi-bin/', 'wp-content/plugins/') could indicate probing or reconnaissance attempts. Requires further monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 22:18:19 | ignore | Very low request count (5 requests), only accessed 'favicon.ico', and no detected threats or WAF flags. Appears to be benign. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 13:26:26 | ignore | No suspicious activity detected; accessing standard WordPress paths, zero threat requests or WAF flags. Behaves like normal web traffic. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 13:26:26 | ignore | Minimal activity (favicon request only), no threat indicators, zero threat requests or WAF flags. Appears benign. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 11:25:54 | ignore | IP shows no indicators of malicious activity; observed normal web traffic patterns to a legitimate domain. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 11:25:54 | ignore | IPv6 shows no indicators of malicious activity; single request for favicon.ico to a legitimate domain's CDN. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 11:15:39 | ignore | No malicious activity detected. Traffic consistent with legitimate website access to WordPress resources. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 11:15:39 | ignore | Only accessed favicon.ico with a low request count. No malicious activity detected. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 11:05:29 | ignore | Benign activity observed; accessed standard WordPress paths without triggering any security alerts, WAF flags, or detected threats. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 11:05:29 | ignore | Benign activity observed; only accessed 'favicon.ico' with a very low request count and no security alerts or detected threats. | 0.9800000190734863 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 10:55:17 | ignore | No suspicious activity detected. Entity is accessing standard WordPress assets on a legitimate hostname (www.darcherif.fr). There are no WAF flags, detected threat requests, or security rule hits. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 10:55:17 | ignore | Minimal activity observed (5 requests, primarily for favicon.ico) directed at a legitimate Akamai-hosted subdomain (akamai.darcherif.fr). No suspicious patterns, WAF flags, or threat detections. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 10:34:52 | ignore | No malicious activity detected; accessed legitimate website resources without triggering any security alerts or WAF flags. Common WordPress paths accessed. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 10:34:52 | ignore | Only accessed 'favicon.ico', which is a standard web resource, and showed no other suspicious activity or security alerts. Hostname suggests Akamai CDN traffic. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 10:24:43 | ignore | No detected threat requests or security rule hits. All accessed paths are typical website content. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 10:24:43 | ignore | No detected threat requests or security rule hits. Only accessed common favicon resource with a low number of requests. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 10:14:37 | ignore | IP observed accessing standard website resources (WordPress files, images, CSS, JS) for 'darcherif.fr'. No detected threat requests, WAF flags, or security rule hits. Appears to be a legitimate visitor or crawler. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 10:14:37 | ignore | IPv6 address observed making minimal requests (only favicon) to a legitimate domain 'akamai.darcherif.fr'. No detected threat requests, WAF flags, or security rule hits. Appears to be benign activity. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 10:04:21 | ignore | No malicious activity detected; accessed standard website resources without triggering security alerts or WAF rules. Appears to be normal web traffic. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 10:04:21 | ignore | No malicious activity detected; very limited benign access (favicon) without triggering security alerts or WAF rules. Likely legitimate CDN traffic from Akamai. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 09:54:13 | ignore | No detected threat requests, WAF flags, or security rule hits. Accessed paths are typical for a WordPress site and do not indicate malicious activity. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 09:54:13 | ignore | Very low request count (5 requests for favicon.ico) with no detected threat requests, WAF flags, or security rule hits. No malicious activity observed. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 09:44:02 | ignore | No malicious activity detected; accesses common web server resources for a legitimate domain. No WAF flags, detected threat requests, or security rule hits. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 09:44:02 | ignore | Benign request for favicon from an Akamai-hosted subdomain of a legitimate website. No malicious indicators, WAF flags, detected threat requests, or security rule hits. | 1.0 | severity: Severity.low |