Table: Security_events
Displaying rows 96101 - 96150 of 120479 (Page 1923 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 66.249.68.133 | ip | 2025-07-23 08:15:59 | watchlist | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 8637afc9-8e91-41b8-9b0a-482d0fc05e58 |
| 51.38.105.105 | ip | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 87b4dc04-577a-4fbf-8614-1b91c417d06a |
| AS211590 | asn | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | d080531d-b026-48c8-abd3-9d280517e147 |
| AS16276 | asn | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | e6ce63e8-f683-4369-9722-386119e8e911 |
| AS132203 | asn | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 320983fc-7a0c-447e-8aee-58dc4187312a |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 754e75df-b97c-4cce-8578-80427b4b28e8 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 222247dc-627e-4171-adc2-7fb2beb8fd65 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | aa8775aa-b23a-4c3d-9668-6b500c949079 |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 972e22c4-bbb8-454a-8dc6-77063d17cf64 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | b49b665c-083f-42be-aaed-f339dedd6bd7 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | a3223cdc-dd81-489d-b4d3-ec989feb0a98 |
| UNKNOWN | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 25ade671-5ded-430b-b83f-7812ced1675b |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 08:15:59 | watchlist | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 2d67658e-d140-404d-b750-6f3e989fef72 |
| 157.180.49.118 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 33c4dc32-9041-4377-a354-443169668371 |
| 123.6.49.50 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | a319cd14-6ae2-426d-9716-32e58d26e1fe |
| 103.207.148.148 | ip | 2025-07-23 08:11:00 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 01c94b57-f2e0-4673-8292-e9a489fed152 |
| 101.55.81.36 | ip | 2025-07-23 08:11:00 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 688645bf-c1ed-42a2-9d2b-d8b8ed59632a |
| 185.177.72.106 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | 784a985b-f89e-4c2a-ba42-48aecb6710de |
| 185.177.72.104 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | c0b50694-5d18-455b-83c0-db6b76bc88e1 |
| 178.33.134.25 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | d5c4e7a3-627e-4322-86b1-779f5148fa82 |
| 185.177.72.16 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials, coupled with LFI attempts. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | f218b261-59a1-44e4-aa72-80d4783d2157 |
| 185.177.72.144 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 014f410a-2b0d-4f07-aca6-91adf881251d |
| 185.177.72.12 | ip | 2025-07-23 08:11:00 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | b999b941-1b87-40dc-a89f-3eb0e98e2c6d |
| 185.177.72.11 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 97950787-bd01-47f4-a9ab-fb4df90ad1da |
| 185.177.72.3 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 6b76b3e4-52cd-4660-96d2-beb1de9e5415 |
| 185.177.72.205 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | cf4f0c99-26a1-416f-bd26-7e192a39a83a |
| 185.177.72.204 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | feb15e51-7c1a-49a9-a55d-a290148c7fd6 |
| 185.177.72.2 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | a02b82c8-34ef-44da-9efe-4dc7baed059c |
| 195.178.110.161 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 343f5d42-bde1-471d-bca1-a3dc9bf3517d |
| 194.50.16.252 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 97999c86-85ea-420c-b48c-7e360916b756 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 8e1dbfe1-f400-4e16-973e-a51cd34de812 |
| 20.171.207.158 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 42511e18-b5bd-4912-87fe-e5602563be09 |
| 205.169.39.130 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | e6b77560-55c2-4b05-b3ed-31a97350cb08 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | a80cc449-2fae-4b94-89c0-8d994f0bd9a9 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 7a27fa2f-1693-4b09-9554-9c33c1915776 |
| 216.126.227.20 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 234de6ff-82e6-4a92-b176-6a10ef79247b |
| 205.169.39.4 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 78c6a9fe-c142-42c4-8d4b-dd7ab1ac236a |
| 3.92.177.104 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 18179872-30d8-4282-be1c-6ba053a17060 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 04b1021c-c486-4ae8-84d7-3993b54b8689 |
| 34.116.246.85 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | fac0cb56-6548-4ed8-8cfc-e9bee129e9e4 |
| 34.116.172.61 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 235dc636-e999-4586-80c7-0125026082d7 |
| 66.249.77.104 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 50114642-47f4-4588-9cd5-d21bb947c9cc |
| 66.249.68.133 | ip | 2025-07-23 08:11:00 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 63cccfe3-39bc-4b95-ad00-83d2e76aa4d8 |
| 51.38.105.105 | ip | 2025-07-23 08:11:00 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | e418bb75-a0d4-4cf5-aadb-c6a4beac13e2 |
| AS211590 | asn | 2025-07-23 08:11:00 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | b7708315-8726-41fd-b954-1e5c8204c98c |
| AS16276 | asn | 2025-07-23 08:11:00 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | c6b8d11c-52bd-4881-b92c-715474fa1b64 |
| AS132203 | asn | 2025-07-23 08:11:00 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 196aa7c7-aac4-4954-9d87-e7e5884ab4b4 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 08:11:00 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 8754beab-508f-4361-92bb-6c92d69c098b |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 08:11:00 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | a8e65a33-535f-4789-b83b-3140889e0f1a |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 08:11:00 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 59a07e33-9cce-4718-a411-aa3336c23989 |