Table: Security_events
Displaying rows 96351 - 96400 of 120479 (Page 1928 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 216.126.227.20 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 4b6ccf5e-c7ba-420b-a841-172eebbbf023 |
| 205.169.39.4 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 9ee4ace8-7db6-4730-9c32-be57679631f9 |
| 3.92.177.104 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | d6bcf3ff-3a5e-45d4-a7ed-3e73462620dd |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | c03e7c89-f218-4002-a25a-f2529cf0ce43 |
| 34.116.246.85 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | db1160f7-845e-4172-b2de-b7fcbc57c02c |
| 34.116.172.61 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 2302ab2d-4dd8-4240-96dc-44dd2b44b729 |
| 66.249.77.104 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 23c4afc4-9af0-4cea-8ea3-9a54de749005 |
| 66.249.68.133 | ip | 2025-07-23 07:20:51 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 9467251e-523e-4021-92c4-008bd0a83059 |
| 51.38.105.105 | ip | 2025-07-23 07:20:51 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 512b8b12-1c31-4b84-8f2d-0004c04414cd |
| AS211590 | asn | 2025-07-23 07:20:51 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 7353bbaf-f097-44b6-ab3a-8c4349574836 |
| AS16276 | asn | 2025-07-23 07:20:51 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 82f5f038-a0c6-4fa4-af8e-b7ab19d7b975 |
| AS132203 | asn | 2025-07-23 07:20:51 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | d843ad42-14ea-401b-8d17-5ebc03477bab |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 07:20:51 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 4805813d-15fa-47f3-a355-bcc53352b06b |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 07:20:51 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 2d893822-790f-43bc-81a2-7ed6bd275da4 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 07:20:51 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | c28555f3-5a2d-4ce7-af7c-a40b2e995b1f |
| 157.180.49.118 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | dc697604-104f-4cd4-9700-93244ef05086 |
| 123.6.49.50 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | a9699c7f-2323-4300-8419-04d2307d170a |
| 103.207.148.148 | ip | 2025-07-23 06:41:12 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 1c74850e-37be-4d1e-8619-8c3a4fe747ee |
| 101.55.81.36 | ip | 2025-07-23 06:41:12 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 9ea88e84-4875-429f-8bd7-2d49ce157690 |
| 185.177.72.106 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | 44b50f71-ed3d-4e71-98b4-c9166461ec5c |
| 185.177.72.104 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 85d443a3-7233-4bba-bcc5-45b5182b2c98 |
| 178.33.134.25 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | a49386ec-d7cf-41e5-a289-fe93262ad9dd |
| 185.177.72.16 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials, coupled with LFI attempts. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | 30a946e4-4c72-453f-b53c-0ebf72726dd8 |
| 185.177.72.144 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 1c131b49-4afb-4e62-8e3d-826249f55f3d |
| 185.177.72.12 | ip | 2025-07-23 06:41:12 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 09bc7a1f-9ec4-43ed-8f1d-bc80290ab378 |
| 185.177.72.11 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | aef1b102-ce4e-4294-9654-908582d0b425 |
| 185.177.72.3 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 974b3ace-c5e1-4652-9697-ee2f5adb5805 |
| 185.177.72.205 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | c68c0a65-393c-45ab-b93c-a082473087fa |
| 185.177.72.204 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | cf0c58f6-84f4-497d-a39b-bc308c7a280b |
| 185.177.72.2 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | f86cfc51-9417-4518-b5f6-9a0a73080d4e |
| 195.178.110.161 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | d1d66eda-f10e-4bf7-8a16-3bc5ddd90718 |
| 194.50.16.252 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | b96ce78b-3805-4da6-b706-1b1723b14f1b |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | a971b894-c780-4ef2-b5f8-613942203fb5 |
| 20.171.207.158 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | b2521c4f-dc2b-414d-8453-f45bc40ad7d0 |
| 205.169.39.130 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 80740ded-1f6d-49e2-a2a8-d48fba98a6e7 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 0196e56f-1a92-4823-991a-95bd7563941e |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | ddb3e78e-4898-41f2-838c-9b9f0cfd4448 |
| 216.126.227.20 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 69da2cb9-a454-4bdd-bfd1-ced007c65460 |
| 205.169.39.4 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 661fbb18-fd2a-424a-ad47-4a5048137b1c |
| 3.92.177.104 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | e748c7cf-dee6-4999-af62-c41da9465fa4 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 5681bd17-27ae-4e89-ad26-3fff70001929 |
| 34.116.246.85 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 7b9675a2-2052-4a62-a0ad-437d77adf22b |
| 34.116.172.61 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 74a32ca8-862b-41ca-bafb-c7c35030b17d |
| 66.249.77.104 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 531f1b7d-90a0-4918-8485-ed93fb7594ae |
| 66.249.68.133 | ip | 2025-07-23 06:41:12 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 91b835f0-7beb-42b9-9bf3-8a2a61c19320 |
| 51.38.105.105 | ip | 2025-07-23 06:41:12 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 9d921d09-09a3-4906-8799-6a5842048b5c |
| AS211590 | asn | 2025-07-23 06:41:12 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 5732aaea-e5f5-4d49-9bb4-609a38453f28 |
| AS16276 | asn | 2025-07-23 06:41:12 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 0abdf843-9496-462c-8cf1-67efcffc36a0 |
| AS132203 | asn | 2025-07-23 06:41:12 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | f8ceb498-051f-4990-8135-2922d7f7d9b4 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 4eb9d5a8-657c-497a-8b2f-7c7c6b1573c0 |