|
141.98.11.115
|
ip
|
2025-10-29 14:12:38
|
block
|
All requests triggered WAF rules, including bot impersonation, indicating highly malicious automated activity. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
123.6.49.50
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
103.207.148.148
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
101.55.81.36
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.106
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.104
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
178.33.134.25
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
172.192.3.69
|
ip
|
2025-10-29 14:12:38
|
block
|
All requests flagged by WAF with suspicious PHP file probing, already triggered IPBLOCK deny rule. ASN also present in blocklist. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
172.190.142.176
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
157.180.49.118
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
185.177.72.144
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.12
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.11
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.107
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.3
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.205
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.204
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.2
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.16
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
196.251.84.111
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
196.251.66.28
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
195.178.110.75
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
195.178.110.201
|
ip
|
2025-10-29 14:12:38
|
block
|
Attempting to access sensitive configuration files and detected LFI anomaly, indicating severe reconnaissance and potential exploit attempts. Other IPs in the same subnet are blocked. Warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
195.178.110.161
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
194.50.16.252
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2001:4878:8216:510:dddd:b98a:3a76:296c
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.244.26.188
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.193.136.32
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.171.207.158
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
196.251.86.207
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
205.169.39.130
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
205.169.39.125
|
ip
|
2025-10-29 14:12:38
|
block
|
IP from a subnet with multiple blocked malicious IPs, associated with a hostname (www.darcherif.fr) linked to a blocked malicious TLS fingerprint, and accessed suspicious obfuscated paths, indicating likely participation in coordinated malicious activity. Warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
2001:bc8:1f90:4:7ec2:55ff:fe9e:8476
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2001:bc8:1201:19:46a8:42ff:fe1b:ae29
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2601:155:80:2a0:de29:81f:6eed:b186
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
217.156.56.11
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
216.73.216.163
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
216.244.66.244
|
ip
|
2025-10-29 14:12:38
|
block
|
All requests triggered WAF alerts, indicating consistent malicious probing. Warrants maintaining block.
|
0.800000011920929
|
severity: Severity.medium
|
|
216.126.227.20
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
205.169.39.4
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
205.169.39.38
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
34.1.26.204
|
ip
|
2025-10-29 14:12:38
|
block
|
All requests triggered multiple WAF alerts, indicating active malicious scanning. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.medium
|
|
34.1.23.207
|
ip
|
2025-10-29 14:12:38
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.21.203
|
ip
|
2025-10-29 14:12:38
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.17.182
|
ip
|
2025-10-29 14:12:38
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Warrants maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.16.79
|
ip
|
2025-10-29 14:12:38
|
block
|
All requests triggered multiple WAF alerts, indicating active malicious scanning. Warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
3.92.177.104
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2604:a880:400:d1:0:1:4cea:4001
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2604:a880:0:202a::62df:9000
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2604:7c00:18:a:4f37:6f4c:d1bd:f3b5
|
ip
|
2025-10-29 14:12:38
|
block
|
Continued persistent malicious activity observed, warrants maintaining block.
|
1.0
|
severity: Severity.critical
|