Table: Security_events
Displaying rows 96301 - 96350 of 120479 (Page 1927 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 205.169.39.130 | ip | 2025-07-23 07:35:52 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 7d5a714f-6959-4eae-8f29-d2490fa3d790 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 07:35:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 96a9ac2b-9921-4e99-b167-96093913f02b |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 07:35:52 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 3fcec62d-12b2-49cb-af80-fc6f23f61978 |
| 216.126.227.20 | ip | 2025-07-23 07:35:52 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | e5c10d06-f9c6-47af-9e74-29cf454a52d6 |
| 205.169.39.4 | ip | 2025-07-23 07:35:52 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 285c16cc-1332-484b-9047-9bb6968bd8fd |
| 3.92.177.104 | ip | 2025-07-23 07:35:52 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 09ea70e0-2039-437c-8105-c4ba658fbd47 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 07:35:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 341e4b7f-d4f6-40cc-8aca-64f048f9b406 |
| 34.116.246.85 | ip | 2025-07-23 07:35:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 4e370ae6-fe4d-461c-a291-0d3b9842def7 |
| 34.116.172.61 | ip | 2025-07-23 07:35:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 3283ff0f-b8f1-4f75-9b13-7a96a4e87b6d |
| 66.249.77.104 | ip | 2025-07-23 07:35:52 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 27078b5a-3103-4783-a4fe-26cd389110c8 |
| 66.249.68.133 | ip | 2025-07-23 07:35:52 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 6eb4f44f-ce71-4d45-a232-e08d7d977f3c |
| 51.38.105.105 | ip | 2025-07-23 07:35:52 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | c9c596a9-93c8-41cb-ab1f-2a11d6a189c6 |
| AS211590 | asn | 2025-07-23 07:35:52 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 4a7692fe-afd6-487a-b7b7-5550883d7218 |
| AS16276 | asn | 2025-07-23 07:35:52 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 3eabdc86-de22-408e-8870-76d3b12b46bc |
| AS132203 | asn | 2025-07-23 07:35:52 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 52f96ecf-37bc-4ff1-89c4-d597774ff8ce |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 6048c471-7c37-4d17-93fe-2e37d33bd458 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 4a62aaca-7f40-4c7a-b6c5-d0f7a7d83a92 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 655de2cc-2a1a-4467-92e9-1850b4e5209c |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | a4da9ffc-3164-4ae8-a210-6559a0796ef8 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 34d66ebc-2822-4520-9b4a-39a12a2b5d54 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | a56f062e-46e9-41da-8d32-bb96dfcf724b |
| UNKNOWN | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | b3dd344e-533b-4c09-8a32-8b5e67ae950c |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 07:35:52 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 0980ef95-8375-4cc9-b1ad-16ca6e015f6a |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 07:20:52 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 260e158d-eca8-4e10-a776-1bfa5ff0558e |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 07:20:52 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | fdbb647e-6208-46ea-ab0d-36516e824923 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 07:20:52 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 3c4c2d0b-3353-4af9-aff8-b9e588e80e47 |
| UNKNOWN | tls | 2025-07-23 07:20:52 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | c1ee4969-1209-47ca-9514-579602dcb765 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 07:20:52 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 08f6d00a-b80b-47c1-a9db-c46fabf2675b |
| 157.180.49.118 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 0be7f823-73b8-4466-8011-ca6e20226e86 |
| 123.6.49.50 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 87707211-781d-4970-bed5-8295c0b88e0b |
| 103.207.148.148 | ip | 2025-07-23 07:20:51 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | a54595c1-e2ed-4c88-b6a1-0dae52675d7e |
| 101.55.81.36 | ip | 2025-07-23 07:20:51 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | ae94d3dd-d105-40ae-b33c-5907cd358b79 |
| 185.177.72.106 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | ffc1c2ea-da50-42bc-8715-bd638207f444 |
| 185.177.72.104 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 4a4f1a01-749e-4f7f-80dc-fa6b51d1ddf0 |
| 178.33.134.25 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 6e8edb98-4e42-4349-a603-d85a132b9356 |
| 185.177.72.16 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials, coupled with LFI attempts. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | b744c1b6-6b12-4ae9-b375-033545be6e09 |
| 185.177.72.144 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 114533e7-6cb6-4bef-bd83-5e2a05c4fbce |
| 185.177.72.12 | ip | 2025-07-23 07:20:51 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | b456359c-58e8-4952-bf33-569dee928412 |
| 185.177.72.11 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 8dc059da-f16b-418d-b92f-3518bb4c7b10 |
| 185.177.72.3 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | ee806474-a924-406c-9998-e2ba7445d09d |
| 185.177.72.205 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | bfc4effc-0814-4a0e-8a12-f3d22223c18a |
| 185.177.72.204 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | d6d9c794-8c75-4bde-b67c-f4a5d7a8faa1 |
| 185.177.72.2 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 00a5466a-93a5-4c26-80bd-8f4e2445164c |
| 195.178.110.161 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 234aa54a-9c19-422e-ac6a-2ec8d089046d |
| 194.50.16.252 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 99311de1-ac14-48fd-8861-ebed151b80f1 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 3f19ec32-df59-4362-b3a4-653e3083d149 |
| 20.171.207.158 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 8c4944bd-77a4-4b3d-9e45-3676ccfda126 |
| 205.169.39.130 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | dc648a8c-e08d-4912-9988-6e92f95795c7 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | b43dae9f-b74f-4b97-9cad-d988c4464bb1 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 9c7ccf70-b52b-473c-aeaa-00eb9c7278d1 |