| 173.211.0.229 | ip | 2026-02-22 09:33:51 | ignore | No detected threat requests, WAF flags, or security rule hits. Accessed common WordPress paths indicative of normal web browsing. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 09:33:51 | ignore | No detected threat requests, WAF flags, or security rule hits. Only requested favicon.ico, typical of harmless bot or browser activity. | 0.9800000190734863 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 09:23:40 | ignore | No suspicious activity detected. The IP address accessed common WordPress files and images on a legitimate domain. There were no WAF flags, detected threat requests, or security rule hits. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 09:23:40 | ignore | No suspicious activity detected. The IP address accessed a common static file (favicon.ico) on an Akamai-hosted subdomain. There were no WAF flags, detected threat requests, or security rule hits. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 09:13:31 | ignore | Normal web traffic patterns accessing WordPress resources; no suspicious activity, WAF flags, or security rule hits detected. Entity appears benign. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 09:13:31 | ignore | Minimal and benign web traffic for favicon on an Akamai-hosted domain; no suspicious activity, WAF flags, or security rule hits detected. Entity appears benign. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 09:03:21 | ignore | No malicious activity detected. This IP is accessing standard WordPress resources without triggering any WAF flags or security rules. Total requests are low and benign. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 09:03:21 | ignore | No malicious activity detected. This IPv6 address made a minimal number of requests for a common resource (favicon.ico) and did not trigger any security alerts. Hostname suggests a CDN association. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 08:53:14 | ignore | Benign WordPress access, no suspicious activity, WAF flags, or security rule hits detected. Entity not currently in watchlist. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 08:53:14 | ignore | Minimal activity (favicon.ico access) and no suspicious indicators, WAF flags, or security rule hits detected. Entity not currently in watchlist. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 08:43:02 | ignore | No suspicious activity detected; IP accessed standard WordPress website resources without triggering any WAF or security alerts. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 08:43:02 | ignore | No suspicious activity detected; IP accessed only favicon.ico and did not trigger any WAF or security alerts. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 08:32:51 | ignore | Benign web traffic observed for WordPress assets and Akamai pixel. No detected threats, WAF flags, or security rule hits. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 08:32:51 | ignore | Benign web traffic observed for favicon. No detected threats, WAF flags, or security rule hits. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 08:22:38 | ignore | Normal website access patterns, no detected threats, WAF flags, or security rule hits. Behavior is benign. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 08:22:38 | ignore | Minimal and benign access (favicon.ico), no detected threats, WAF flags, or security rule hits. Behavior is benign. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 08:12:27 | ignore | No suspicious activity detected. IP address accessed common WordPress resources (CSS, JS, images) for a legitimate hostname (www.darcherif.fr) with no WAF flags, security rule hits, or detected threats. Activity is benign. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 08:12:27 | ignore | Minimal and legitimate activity (5 requests, only for favicon.ico) through a known CDN (Akamai) for a legitimate hostname. No detected threats, WAF flags, or security rule hits. Activity is benign. | 0.9800000190734863 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 08:02:19 | ignore | Legitimate WordPress site access, no malicious indicators detected. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 08:02:19 | ignore | Minimal, benign access to favicon.ico via Akamai, no malicious indicators. | 0.8999999761581421 | severity: Severity.low |
| 52.141.18.191 | ip | 2026-02-22 08:02:19 | block | Attempted access to common exploit paths and directories (e.g., cgi-bin/, suspicious PHP files like ioxi-o.php, chosen.php, sf.php, and non-existent WordPress plugin paths), indicating vulnerability scanning or exploitation attempts. | 0.949999988079071 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-22 06:51:59 | ignore | No malicious activity detected; observed normal web traffic patterns, including WordPress resource access, without any WAF flags or security rule hits. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 06:51:59 | ignore | No malicious activity detected; observed only favicon access, likely a legitimate crawler, Akamai CDN interaction, or benign scanner. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 05:11:32 | ignore | Accessed standard website resources without triggering security alerts or showing any malicious indicators. | 0.8999999761581421 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 05:11:32 | ignore | Only accessed favicon.ico; no malicious activity detected. | 0.949999988079071 | severity: Severity.low |
| 47.128.35.25 | ip | 2026-02-22 05:11:32 | block | All requests (9 out of 9) were flagged by the WAF and detected as threats (WAF rule 3991023 alerted), indicating highly suspicious or malicious automated activity. | 0.949999988079071 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-22 01:10:34 | ignore | No malicious activity detected. Entity exhibited normal website browsing behavior, accessing standard WordPress files without triggering any WAF or security rule alerts. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 01:10:34 | ignore | No malicious activity detected. Entity only accessed the favicon.ico file, indicating benign or automated access, without triggering any security alerts. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-22 00:30:18 | ignore | No malicious activity or suspicious patterns detected; access logs show normal website resource loading. | 0.949999988079071 | severity: Severity.low |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-22 00:30:18 | ignore | Limited activity to favicon.ico; no malicious or suspicious behavior observed. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 22:49:54 | ignore | No suspicious activity detected. All accessed paths are typical for website browsing, and no WAF flags or threat requests were recorded. | 0.8999999761581421 | severity: Severity.low |
| 216.73.216.154 | ip | 2026-02-21 22:49:54 | block | Accessed highly suspicious and obfuscated paths, triggered WAF alerts, and has a high ratio of detected threat requests, indicating potential malicious probing or exploitation attempts. | 0.949999988079071 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:5 | ip | 2026-02-21 22:49:54 | block | All accessed paths were flagged by WAF, an extremely high number of detected threat requests (more than total requests), and multiple WAF alerts including 'BOT-BROWSER-IMPERSONATOR', strongly indicating malicious bot activity or attempted exploitation. | 0.9800000190734863 | severity: Severity.critical |
| 2a10:3c0:101:0:1:42:0:3 | ip | 2026-02-21 22:49:54 | ignore | Only accessed a standard favicon.ico file. No suspicious activity detected, no WAF flags, and no threat requests. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 17:38:42 | ignore | No security rule hits, WAF flags, or detected threat requests. Accessed paths are common WordPress components, and activity appears benign based on the provided logs. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 17:28:32 | ignore | No malicious activity detected. Accesses to standard WordPress paths. No WAF flags, security rule hits, or detected threat requests. | 1.0 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 17:18:25 | ignore | No detected threat requests, WAF flags, or security rule hits. Appears to be normal web browsing activity. | 1.0 | severity: Severity.low |
| 66.249.66.12 | ip | 2026-02-21 17:18:25 | block | All requests (10 out of 10) were detected as threats, flagged by WAF, and triggered a security alert (3991006). This indicates active malicious activity. | 1.0 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-21 17:08:20 | ignore | Analysis revealed no malicious activity, WAF flags, or security rule hits. All accessed paths are consistent with benign WordPress site browsing. Associated hostname 'www.darcherif.fr' appears legitimate. | 0.9900000095367432 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 16:58:09 | ignore | No malicious indicators detected. Activity consists of standard WordPress asset requests without WAF flags, security rule hits, or identified threat requests. Associated hostname 'www.darcherif.fr' appears legitimate. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 16:47:58 | ignore | No malicious activity detected. All requests were for standard WordPress resources, no WAF flags, no detected threats, and no security rule hits. Associated hostname 'www.darcherif.fr' appears legitimate. The future 'last_seen' date is an anomaly but does not indicate malicious intent given the lack of other threat indicators. | 0.949999988079071 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 16:37:47 | ignore | No malicious activity, WAF flags, or security rule hits detected. Appears to be a benign IP accessing standard website resources. | 0.8999999761581421 | severity: Severity.low |
| 34.173.96.22 | ip | 2026-02-21 16:37:47 | block | Multiple WAF alerts, including 'BOT-BROWSER-IMPERSONATOR', and denial rules ('IPBLOCK-BURST4') triggered. Repeated attempts to access 'wlwmanifest.xml' paths indicate automated enumeration or scanning activity. | 0.9800000190734863 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-21 16:27:40 | ignore | No suspicious activity detected; zero threat requests, no WAF flags, and access to common WordPress files. Previous AI assessment of medium severity is not supported by current data. | 0.8999999761581421 | severity: Severity.low |
| 40.69.66.178 | ip | 2026-02-21 16:27:40 | block | All requests were flagged by WAF and hit 'IPBLOCK' security rule, attempting access to known malicious paths like 'admin.php' and 'wp_filemanager.php'. | 1.0 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-21 14:37:16 | watchlist | The 'last_seen' timestamp for this entity (2026-02-21T12:42:52) is in the future, which is an anomalous data point that could indicate system misconfiguration or an attempt to obscure activity. While no immediate malicious activities (WAF flags, threat detections) were observed from the accessed WordPress paths, the timestamp anomaly warrants further monitoring and investigation to determine the root cause and ensure it's not indicative of a deeper issue. | 0.699999988079071 | severity: Severity.medium |
| 173.211.0.229 | ip | 2026-02-21 14:27:01 | ignore | No detected threat requests, WAF flags, or security rule hits. Access patterns are consistent with typical WordPress site interaction. The entity is not currently present in the watchlist. | 0.8999999761581421 | severity: Severity.low |
| 173.211.0.229 | ip | 2026-02-21 14:16:53 | ignore | No suspicious activity detected. All requests are benign, with no WAF flags or security rule hits. | 1.0 | severity: Severity.low |
| 2a10:3c0:101:0:1:12:0:5 | ip | 2026-02-21 14:16:53 | block | All requests flagged by WAF and detected as threats. High confidence in malicious activity requiring immediate blocking. | 0.949999988079071 | severity: Severity.critical |
| 173.211.0.229 | ip | 2026-02-21 14:06:35 | ignore | No suspicious activities detected; all requests are for standard website resources with no WAF rule hits or detected threats. | 0.949999988079071 | severity: Severity.low |