|
216.73.216.163
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
216.244.66.244
|
ip
|
2025-10-29 13:13:03
|
block
|
All requests triggered WAF alerts, indicating consistent malicious probing. Maintaining block.
|
0.800000011920929
|
severity: Severity.medium
|
|
216.126.227.20
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
205.169.39.4
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
205.169.39.38
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
34.1.26.204
|
ip
|
2025-10-29 13:13:03
|
block
|
All requests triggered multiple WAF alerts, indicating active malicious scanning. Maintaining block.
|
0.8999999761581421
|
severity: Severity.medium
|
|
34.1.23.207
|
ip
|
2025-10-29 13:13:03
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.21.203
|
ip
|
2025-10-29 13:13:03
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.17.182
|
ip
|
2025-10-29 13:13:03
|
block
|
Blocked by WAF due to a burst of activity, suggesting automated or disruptive behavior. Maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.1.16.79
|
ip
|
2025-10-29 13:13:03
|
block
|
All requests triggered multiple WAF alerts, indicating active malicious scanning. Maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
3.92.177.104
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2604:a880:400:d1:0:1:4cea:4001
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2604:a880:0:202a::62df:9000
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
2604:7c00:18:a:4f37:6f4c:d1bd:f3b5
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
48.210.236.214
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
45.153.163.23
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.116.246.85
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
34.116.172.61
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8500000238418579
|
severity: Severity.medium
|
|
34.1.27.103
|
ip
|
2025-10-29 13:13:03
|
block
|
Associated with a blocked malicious TLS fingerprint ('3%7ede8d6a84fab8672b') also seen with 'www.darcherif.fr', indicating this IP is likely part of the same malicious client activity despite no direct WAF hits yet. Maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
66.249.70.200
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
66.249.69.35
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.68.133
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.medium
|
|
66.249.66.40
|
ip
|
2025-10-29 13:13:03
|
block
|
All requests triggered WAF alerts, indicating consistent malicious activity. Maintaining block.
|
0.800000011920929
|
severity: Severity.medium
|
|
62.60.130.211
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
51.38.105.105
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
AS16276
|
asn
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
AS132203
|
asn
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
85.204.70.106
|
ip
|
2025-10-29 13:13:03
|
block
|
Extensive scanning and attack attempts against WordPress administrative and sensitive paths, already triggered burst blocking. Maintaining block.
|
1.0
|
severity: Severity.critical
|
|
81.17.20.98
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.77.104
|
ip
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7e7bcf51bfc0d0b65f
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7e788289bd73e01aa4
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7e2faa3a9db1c111de
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
AS8075
|
asn
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
AS211590
|
asn
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7ede8d6a84fab8672b
|
tls
|
2025-10-29 13:13:03
|
block
|
Associated with multiple suspicious access patterns, reconnaissance attempts, and burst blocking across various IPs, indicating a common malicious client fingerprint. Other TLS fingerprints are already blocked. Maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ede29393936a8dc4153
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ede293936a8dc4153
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ebaae1457ad64ff16
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
3%7ea97fdb0b70d4a7b7
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
UNKNOWN
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
3%7efe38c35477967146
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.9800000190734863
|
severity: Severity.critical
|
|
3%7ee35ec11fcbea7346
|
tls
|
2025-10-29 13:13:03
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
0.8999999761581421
|
severity: Severity.critical
|
|
185.177.72.106
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.144
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.12
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.11
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.107
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.3
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.205
|
ip
|
2025-10-29 13:07:19
|
block
|
Continued persistent malicious activity observed, maintaining block.
|
1.0
|
severity: Severity.critical
|