|
66.249.66.40
|
ip
|
2025-10-29 14:47:33
|
block
|
All requests triggered WAF alerts, indicating consistent malicious activity. Warrants maintaining block.
|
0.800000011920929
|
severity: Severity.medium
|
|
62.60.130.211
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
51.38.105.105
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
AS16276
|
asn
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
AS132203
|
asn
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
85.204.70.106
|
ip
|
2025-10-29 14:47:33
|
block
|
Extensive scanning and attack attempts against WordPress administrative and sensitive paths, already triggered burst blocking. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
81.17.20.98
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.77.104
|
ip
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7e7bcf51bfc0d0b65f
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7e788289bd73e01aa4
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7e2faa3a9db1c111de
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
AS8075
|
asn
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
AS211590
|
asn
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7ede8d6a84fab8672b
|
tls
|
2025-10-29 14:47:33
|
block
|
Associated with multiple suspicious access patterns, reconnaissance attempts, and burst blocking across various IPs, indicating a common malicious client fingerprint. Other TLS fingerprints are already blocked. Warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ede29393936a8dc4153
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ede293936a8dc4153
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ebaae1457ad64ff16
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
3%7ea97fdb0b70d4a7b7
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
UNKNOWN
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7efe38c35477967146
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
3%7ee35ec11fcbea7346
|
tls
|
2025-10-29 14:47:33
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
141.98.11.115
|
ip
|
2025-10-29 14:17:14
|
block
|
All requests triggered WAF rules, including bot impersonation, indicating highly malicious automated activity. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
123.6.49.50
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
103.207.148.148
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
101.55.81.36
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.106
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.104
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
178.33.134.25
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
172.192.3.69
|
ip
|
2025-10-29 14:17:14
|
block
|
All requests flagged by WAF with suspicious PHP file probing, already triggered IPBLOCK deny rule. ASN also present in blocklist. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
172.190.142.176
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
157.180.49.118
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
185.177.72.144
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.12
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.11
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.107
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.3
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.205
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.204
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.2
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.16
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
196.251.84.111
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
196.251.66.28
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
195.178.110.75
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
195.178.110.201
|
ip
|
2025-10-29 14:17:14
|
block
|
Attempting to access sensitive configuration files and detected LFI anomaly, indicating severe reconnaissance and potential exploit attempts. Other IPs in the same subnet are blocked. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
195.178.110.161
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
194.50.16.252
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2001:4878:8216:510:dddd:b98a:3a76:296c
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.244.26.188
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.193.136.32
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.171.207.158
|
ip
|
2025-10-29 14:17:14
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|