Table: Security_events
Displaying rows 96401 - 96450 of 120479 (Page 1929 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 6a0e878e-7ab1-458a-ba26-7d9b73444ceb |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 8dbbbb34-8a9f-4a04-949d-18d6a4cd8412 |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 1b2c34b0-79d6-4f2a-a984-123dc16720d5 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 7e3c9ef7-8860-4524-9920-81941607ec14 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | e4e193aa-e6a8-4159-a2d1-3083ed76d6b0 |
| UNKNOWN | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | ca61e49c-4b87-4353-a7de-edf602f8d9d1 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 06:41:12 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | c3834dfc-4046-4d68-9151-e0f6f3537846 |
| 205.169.39.130 | ip | 2025-07-23 06:15:38 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | df7564b4-a1e1-4c45-853a-c037b8307f1d |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 06:15:38 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | cec681af-d6df-4dee-9bf8-d5face141abe |
| 216.126.227.20 | ip | 2025-07-23 06:15:38 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 45db79f9-35fd-4524-9918-4901092493a3 |
| 205.169.39.4 | ip | 2025-07-23 06:15:38 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 6d83f15e-9f04-4c24-bac1-1106ae8cf332 |
| 3.92.177.104 | ip | 2025-07-23 06:15:38 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 7221ebe4-d374-4d4d-a310-cb17d5f4cd87 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 06:15:38 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 51f21a94-6706-45a9-a760-a7cc0086c7a4 |
| 34.116.246.85 | ip | 2025-07-23 06:15:38 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 32b27c54-15b2-4350-b82e-5047199e489c |
| 34.116.172.61 | ip | 2025-07-23 06:15:38 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 7f943443-6e35-4f83-ac80-33b7c8457e44 |
| 66.249.77.104 | ip | 2025-07-23 06:15:38 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | db446170-6035-4a1f-a8f5-7765fe332c81 |
| 66.249.68.133 | ip | 2025-07-23 06:15:38 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 2eea98f2-00c0-42e3-8d3d-fd3e36d67d55 |
| 51.38.105.105 | ip | 2025-07-23 06:15:38 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | dcaf533c-a500-4dac-950a-bd3128237036 |
| AS211590 | asn | 2025-07-23 06:15:38 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | a5b38847-b0b5-4c81-9531-2d0767c97253 |
| AS16276 | asn | 2025-07-23 06:15:38 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 81408c0e-cf6b-46c7-bda0-db9f477352ee |
| AS132203 | asn | 2025-07-23 06:15:38 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | fcaaee91-5837-489a-a71f-675f2a05b313 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 039ecb3a-bfff-4185-8eb8-bee2c8e97768 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | d085f6f1-a3f1-4119-a3b7-1a542ec24a65 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | f93d21e5-35bc-4483-90da-1aae686ce295 |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 8be665b0-544f-4c2f-93af-549cc69481ea |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | c61549fc-52fc-44f8-8f31-1102d912efd0 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | c2f5733a-22ce-4503-99c8-9418a5dc68a0 |
| UNKNOWN | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 8ac72ab9-890f-48c5-9c63-73c17291afcd |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 06:15:38 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 3ac82ae2-c279-4966-b5c7-3c6b257b44db |
| 157.180.49.118 | ip | 2025-07-23 06:15:37 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | e58ea7fd-c469-458b-8577-c560205ed9ad |
| 123.6.49.50 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | eb53df75-51b6-48ed-bfbc-efa5ffc6ec43 |
| 103.207.148.148 | ip | 2025-07-23 06:15:37 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | d9634e21-4615-4cec-9e5a-224c1314786f |
| 101.55.81.36 | ip | 2025-07-23 06:15:37 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 38a72605-3365-4c1d-b56e-e36adccb0809 |
| 185.177.72.106 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | f81150e3-8ee8-4620-a29f-f63ac4453b9a |
| 185.177.72.104 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 7c563aea-ef13-4815-a487-03f7de5d16a2 |
| 178.33.134.25 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 2826cc63-915b-458c-9551-c20e1e85663d |
| 185.177.72.16 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials, coupled with LFI attempts. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | 7afd3967-0694-440d-a652-3866a7177534 |
| 185.177.72.144 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | a361901f-4306-4e5c-a6a7-8c6c7f4494d6 |
| 185.177.72.12 | ip | 2025-07-23 06:15:37 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 73c5e5b5-cba5-4546-bd16-a5426b222102 |
| 185.177.72.11 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 5396f0ec-610b-4e81-a9be-bd41ab7b9d30 |
| 185.177.72.3 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 2b13efb6-5b5d-4caf-bbab-34fa112e2c80 |
| 185.177.72.205 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | b6cc400b-fa42-42be-9dbf-84a85ef0e947 |
| 185.177.72.204 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 8ddbd26e-f8e6-4cca-82af-4390506dc8e6 |
| 185.177.72.2 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 06e0de95-4a38-4c29-8c70-7106d4286ef1 |
| 195.178.110.161 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | dc638b38-d9f3-4351-8639-97ac4b187168 |
| 194.50.16.252 | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | dc0fed8d-f707-4e8f-a57c-63ee9971408d |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-23 06:15:37 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 33da468b-bd34-4684-b107-781a12848680 |
| 20.171.207.158 | ip | 2025-07-23 06:15:37 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | c01f8658-342d-4a6a-a9d4-69ef9f3882ce |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 06:15:37 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | e446aa4d-0ae2-4014-9f33-4ece661ee920 |
| UNKNOWN | tls | 2025-07-23 06:15:37 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 4a860539-d653-4f75-a907-34ff39832728 |