|
172.190.142.176
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
157.180.49.118
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
185.177.72.144
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.12
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.11
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.107
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.3
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.205
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.204
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.2
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.16
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
196.251.84.111
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
196.251.66.28
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
195.178.110.75
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
195.178.110.201
|
ip
|
2025-10-29 14:47:33
|
block
|
Attempting to access sensitive configuration files and detected LFI anomaly, indicating severe reconnaissance and potential exploit attempts. Other IPs in the same subnet are blocked. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
195.178.110.161
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
194.50.16.252
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2001:4878:8216:510:dddd:b98a:3a76:296c
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.244.26.188
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.193.136.32
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.171.207.158
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
196.251.86.207
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
205.169.39.130
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
205.169.39.125
|
ip
|
2025-10-29 14:47:33
|
block
|
IP from a subnet with multiple blocked malicious IPs, associated with a hostname (www.darcherif.fr) linked to a blocked malicious TLS fingerprint, and accessed suspicious obfuscated paths, indicating likely participation in coordinated malicious activity. Warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
2001:bc8:1f90:4:7ec2:55ff:fe9e:8476
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2001:bc8:1201:19:46a8:42ff:fe1b:ae29
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2601:155:80:2a0:de29:81f:6eed:b186
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
217.156.56.11
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
216.73.216.163
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
216.244.66.244
|
ip
|
2025-10-29 14:47:33
|
block
|
All requests triggered WAF alerts, indicating consistent malicious probing. Warrants maintaining block.
|
0.800000011920929
|
severity: Severity.medium
|
|
216.126.227.20
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
205.169.39.4
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
205.169.39.38
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
34.1.26.204
|
ip
|
2025-10-29 14:47:33
|
block
|
All requests triggered multiple WAF alerts, indicating active malicious scanning. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.medium
|
|
34.1.23.207
|
ip
|
2025-10-29 14:47:33
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.21.203
|
ip
|
2025-10-29 14:47:33
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.17.182
|
ip
|
2025-10-29 14:47:33
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.16.79
|
ip
|
2025-10-29 14:47:33
|
block
|
All requests triggered multiple WAF alerts, indicating active malicious scanning. Warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
3.92.177.104
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2604:a880:400:d1:0:1:4cea:4001
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2604:a880:0:202a::62df:9000
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2604:7c00:18:a:4f37:6f4c:d1bd:f3b5
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
48.210.236.214
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
45.153.163.23
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.116.246.85
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
34.116.172.61
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
34.1.27.103
|
ip
|
2025-10-29 14:47:33
|
block
|
Associated with a blocked malicious TLS fingerprint ('3%7ede8d6a84fab8672b') also seen with 'www.darcherif.fr', indicating this IP is likely part of the same malicious client activity despite no direct WAF hits yet. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
66.249.70.200
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
66.249.69.35
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.68.133
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.medium
|