| 205.169.39.16 | ip | 2026-03-10 10:10:37 | ignore | No detected threats or WAF alerts, indicating benign activity. | 0.9900000095367432 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 10:10:37 | ignore | No detected threats or WAF alerts, indicating benign activity. | 0.9900000095367432 | severity: Severity.low |
| 64.233.172.196 | ip | 2026-03-10 10:10:37 | block | All 100% of requests triggered WAF alerts (rule 3991005), indicating malicious activity. | 0.949999988079071 | severity: Severity.critical |
| 64.233.172.197 | ip | 2026-03-10 10:10:37 | block | High percentage of requests (81.8%) flagged by WAF and access to a highly suspicious, obfuscated path. | 0.8999999761581421 | severity: Severity.critical |
| 74.125.209.137 | ip | 2026-03-10 10:10:37 | block | High percentage of requests (80%) flagged by WAF and access to a highly suspicious, obfuscated path. | 0.8999999761581421 | severity: Severity.critical |
| 74.125.209.129 | ip | 2026-03-10 10:10:37 | block | All 100% of requests triggered WAF alerts (rule 3991005), indicating malicious activity. | 0.949999988079071 | severity: Severity.critical |
| 3%7ebf5f8b11f93240e2 | tls | 2026-03-10 10:10:37 | block | High percentage of requests (87.7%) flagged by WAF and access to a highly suspicious, obfuscated path. | 0.949999988079071 | severity: Severity.critical |
| 205.169.39.16 | ip | 2026-03-10 09:40:12 | ignore | No suspicious activity or security alerts detected during analysis. Standard WordPress paths accessed without WAF flags or security rule hits. | 0.949999988079071 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 09:40:12 | ignore | No suspicious activity or security alerts detected during analysis. Standard WordPress paths accessed without WAF flags or security rule hits. | 0.949999988079071 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 09:29:57 | ignore | Observed legitimate WordPress site access patterns; no WAF flags, detected threats, or security rule hits. Entity is not currently in the watchlist but exhibits no malicious behavior. | 1.0 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 09:29:57 | ignore | Observed legitimate WordPress site access patterns; no WAF flags, detected threats, or security rule hits. Entity is not currently in the watchlist but exhibits no malicious behavior. | 1.0 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 09:19:38 | ignore | No suspicious activity detected, no WAF flags, no security rule hits, and standard access patterns to WordPress site. Not considered malicious. | 1.0 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 09:19:38 | ignore | No suspicious activity detected, no WAF flags, no security rule hits, and standard access patterns to WordPress site. Not considered malicious. | 1.0 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 09:09:27 | ignore | No malicious activity detected, only legitimate access to standard WordPress resources. No WAF flags or security rule hits. | 1.0 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 09:09:27 | ignore | No malicious activity detected, only legitimate access to standard WordPress resources. No WAF flags or security rule hits. | 1.0 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 08:59:17 | ignore | Normal WordPress access patterns observed, no malicious activity, WAF alerts, or security rule hits detected. Entity appears benign. | 0.8999999761581421 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 08:59:17 | ignore | Normal WordPress access patterns observed, no malicious activity, WAF alerts, or security rule hits detected. Entity appears benign. | 0.8999999761581421 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 08:49:06 | ignore | No suspicious activity detected. The IP accessed standard WordPress paths without triggering any WAF rules or security alerts, and no threat requests were observed. Indicative of a legitimate visitor or crawler. | 0.949999988079071 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 08:49:06 | ignore | No suspicious activity detected. The IP accessed standard WordPress paths without triggering any WAF rules or security alerts, and no threat requests were observed. Indicative of a legitimate visitor or crawler. | 0.949999988079071 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 08:28:50 | ignore | No malicious activity detected. Entity is accessing standard WordPress assets, with no WAF flags or security rule hits. Behavior is consistent with a legitimate user. | 0.949999988079071 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 08:28:50 | ignore | No malicious activity detected. Entity is accessing standard WordPress assets, with no WAF flags or security rule hits. Behavior is consistent with a legitimate user. | 0.949999988079071 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 08:18:38 | ignore | No suspicious activity detected; accessed standard WordPress paths without triggering any security alerts or WAF rules. | 0.949999988079071 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 08:18:38 | ignore | No suspicious activity detected; accessed standard WordPress paths without triggering any security alerts or WAF rules. | 0.949999988079071 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 08:08:29 | ignore | No suspicious activity detected; accessed standard WordPress paths without triggering any security alerts or WAF flags. | 0.8999999761581421 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 08:08:29 | ignore | No suspicious activity detected; accessed standard WordPress paths without triggering any security alerts or WAF flags. | 0.8999999761581421 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 07:48:06 | ignore | No malicious activity or suspicious patterns observed. All requests were for standard WordPress assets, with no detected threats or WAF flags. | 0.949999988079071 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 07:48:06 | ignore | No malicious activity or suspicious patterns observed. All requests were for standard WordPress assets, with no detected threats or WAF flags. | 0.949999988079071 | severity: Severity.low |
| 89.187.187.72 | ip | 2026-03-10 07:48:06 | block | This IP is highly suspicious: it has a high number of detected threat requests (119), triggered multiple security alerts including 'BOT-BROWSER-IMPERSONATOR', and was denied by WAF for burst activity (IPBLOCK-BURST4-318403) while scanning for WordPress manifest files. | 0.9900000095367432 | severity: Severity.critical |
| 205.169.39.16 | ip | 2026-03-10 07:37:56 | ignore | No malicious activity detected. Entity accessed standard WordPress resources, themes, plugins, and images. No WAF flags, detected threat requests, or security rule hits were observed. | 1.0 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 07:37:56 | ignore | No malicious activity detected. Entity accessed standard WordPress resources, themes, plugins, and images. No WAF flags, detected threat requests, or security rule hits were observed. | 1.0 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 07:27:44 | ignore | Benign activity detected. The IP accessed standard WordPress paths without triggering any security alerts, WAF flags, or detected threats. No malicious indicators found. | 1.0 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 07:27:44 | ignore | Benign activity detected. The IP (Google Cloud) accessed standard WordPress paths without triggering any security alerts, WAF flags, or detected threats. No malicious indicators found. | 1.0 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 07:17:33 | ignore | Accessing standard WordPress paths without triggering any security alerts or WAF flags. No suspicious activity detected. | 1.0 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 07:17:33 | ignore | Accessing standard WordPress paths without triggering any security alerts or WAF flags. No suspicious activity detected. | 1.0 | severity: Severity.low |
| 205.169.39.16 | ip | 2026-03-10 07:07:17 | ignore | No suspicious activity, threat requests, or WAF alerts detected for this IP. | 1.0 | severity: Severity.low |
| 45.94.31.197 | ip | 2026-03-10 07:07:17 | block | This IP is actively engaging in WordPress enumeration attempts by repeatedly accessing 'wlwmanifest.xml' paths across various directories. It has triggered multiple WAF alerts, including bot impersonation, and has been subject to IP blocking due to suspicious activity bursts. | 0.949999988079071 | severity: Severity.critical |
| 34.72.176.129 | ip | 2026-03-10 07:07:17 | ignore | No suspicious activity, threat requests, or WAF alerts detected for this IP. | 1.0 | severity: Severity.low |
| 138.201.83.102 | ip | 2026-03-10 04:26:42 | block | Access to 'wp-login.php' endpoint is highly suspicious and often indicates brute-force attempts or credential stuffing. Even with low requests, this specific access pattern is a common attack vector. | 0.800000011920929 | severity: Severity.critical |
| 205.169.39.16 | ip | 2026-03-10 04:26:42 | ignore | Access patterns are consistent with normal website browsing, fetching static assets and content. No malicious activity detected by WAF or security rules. | 0.949999988079071 | severity: Severity.low |
| 34.72.176.129 | ip | 2026-03-10 04:26:42 | ignore | Access patterns are consistent with normal website browsing, fetching static assets and content, including plugin and theme files. No malicious activity detected by WAF or security rules. | 0.949999988079071 | severity: Severity.low |
| 62.216.67.111 | ip | 2026-03-10 04:26:42 | ignore | Access patterns are consistent with normal website browsing, including navigating to a category page and fetching necessary JavaScript files. No malicious activity detected by WAF or security rules. | 0.949999988079071 | severity: Severity.low |
| 138.201.83.102 | ip | 2026-03-10 01:15:57 | ignore | No observed activity (0 requests, 0 threats, 0 WAF flags, 0 security rule hits) since being added to the watchlist. | 0.8500000238418579 | severity: Severity.low |
| 20.219.138.200 | ip | 2026-03-10 01:15:57 | block | Accessing highly suspicious paths indicative of scanning, backdoor attempts, and vulnerability probing (e.g., info.php, db.php, upload.php, sx.php, htaccess.php, admin directories, wp-content/themes/haha.php). | 0.949999988079071 | severity: Severity.critical |
| 205.220.242.185 | ip | 2026-03-10 01:15:57 | block | Multiple WAF deny hits (IPBLOCK-BURST4-318403) and a high proportion (10 out of 21) of detected threat requests. | 0.9900000095367432 | severity: Severity.critical |
| 138.201.83.102 | ip | 2026-03-09 17:54:23 | watchlist | Entity previously identified with medium severity and accessed wp-login.php, indicating potential brute-force or reconnaissance. Further monitoring is advised. | 0.699999988079071 | severity: Severity.medium |
| 205.169.39.16 | ip | 2026-03-09 17:54:23 | ignore | No suspicious activity detected; all requests appear legitimate. | 0.8999999761581421 | severity: Severity.low |
| 47.128.121.167 | ip | 2026-03-09 17:54:23 | block | All requests (9/9) were flagged by WAF, detected as threats, and triggered a security rule (3991023). | 1.0 | severity: Severity.critical |
| 34.72.176.129 | ip | 2026-03-09 17:54:23 | ignore | No suspicious activity detected; all requests appear legitimate. | 0.8999999761581421 | severity: Severity.low |
| 62.216.67.111 | ip | 2026-03-09 17:54:23 | ignore | No suspicious activity detected; all requests appear legitimate. | 0.8999999761581421 | severity: Severity.low |
| 138.201.83.102 | ip | 2026-03-09 16:44:03 | watchlist | Frequent access to wp-login.php, indicative of potential brute-force or reconnaissance attempts. | 0.699999988079071 | severity: Severity.medium |