Table: Security_events
Displaying rows 96451 - 96500 of 120479 (Page 1930 / 2410)
| Entity | Type | Event time | Action taken | AI reason | AI confidence score | AI details | Event ID |
|---|---|---|---|---|---|---|---|
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 06:15:37 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | e4fa624b-93c3-4081-9f88-c3ad5d60347a |
| 157.180.49.118 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | c76dc1b4-463f-436b-a685-5d91f3c2cb18 |
| 123.6.49.50 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 7cb4a541-036e-4a45-8f00-0b70bbfab132 |
| 103.207.148.148 | ip | 2025-07-23 05:58:52 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | d0b20147-ab27-4a61-a633-c494fccf5833 |
| 101.55.81.36 | ip | 2025-07-23 05:58:52 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | cfb61000-1e4e-4347-9ee2-df042be9277e |
| 185.177.72.106 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | 3732d055-8288-4b19-a95f-209df60923aa |
| 185.177.72.104 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | fa09b37f-3ce1-44eb-8445-c1017044b341 |
| 178.33.134.25 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | b08ab0e6-9410-4ac1-8d46-16554d869645 |
| 185.177.72.16 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials, coupled with LFI attempts. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | e2f3b9f4-8fcb-4c47-9245-eb03dfc79b76 |
| 185.177.72.144 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 582b1db2-0788-41b1-84ae-0e1ad0012245 |
| 185.177.72.12 | ip | 2025-07-23 05:58:52 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 80077a19-7ac9-4e97-8cee-7036a99ebfa5 |
| 185.177.72.11 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 87505682-e64c-40d8-8bc2-121efb0d5a36 |
| 185.177.72.3 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 8157b5c5-3f7a-40c4-9685-fbb52e8071d5 |
| 185.177.72.205 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 557c2171-7dad-49f3-80cf-d9a2e29febef |
| 185.177.72.204 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 75074c96-c825-4c61-a018-a1e5b2b456ed |
| 185.177.72.2 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | b3023e0f-a041-4d11-81b4-0cf598a03776 |
| 195.178.110.161 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 8d6f162e-34b9-4f54-8d88-31fd9409647d |
| 194.50.16.252 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 07c71bb2-eeaa-4d0a-8ce7-1e3d9a7a4a0a |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 3cdd28fe-90a1-41d8-8e44-5594b1d64e40 |
| 20.171.207.158 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 8b84fccc-b27d-49d9-9091-2120d6b4e1da |
| 205.169.39.130 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 20248cf8-4396-40b5-ad4e-30d643047c21 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 5e56801d-9431-48b3-9220-44dc02fab7f1 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | d56b9612-f8b2-46eb-b85e-15f2937f79ab |
| 216.126.227.20 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | eb5b36ad-67bf-43a1-bdb9-2bd045db2708 |
| 205.169.39.4 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 706a974b-6b84-468b-97e8-2a1d43dfb73a |
| 3.92.177.104 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 00bd8479-6a8f-413b-93f0-867dd4ebe936 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 660f2f5f-6093-427a-84ec-25e988dc2e92 |
| 34.116.246.85 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | da253fa5-d89d-406f-8dda-408e27a04f60 |
| 34.116.172.61 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 4bf4dce8-ecf2-476e-94ac-f9546ba8d65e |
| 66.249.77.104 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 0b8f3b54-4f6b-4347-8791-7c47c1bf81f4 |
| 66.249.68.133 | ip | 2025-07-23 05:58:52 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 373042f7-c221-43ef-a74a-f3e078459cb7 |
| 51.38.105.105 | ip | 2025-07-23 05:58:52 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | eb340618-cf94-484e-a664-a2c8983d705e |
| AS211590 | asn | 2025-07-23 05:58:52 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 337e0964-80d7-4ad6-b2e7-abbe482e4173 |
| AS16276 | asn | 2025-07-23 05:58:52 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 0a4b8fd0-5546-4af8-9771-925170657ce4 |
| AS132203 | asn | 2025-07-23 05:58:52 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 5c993291-ffa2-415d-8790-226dbf5af351 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 3c9700b9-63bc-4e39-bef0-e6679bcdbcf7 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 5d47f424-6acc-4a07-a5e6-0507b1682f83 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 22689bc5-1a6f-4d84-9524-1db958ee81db |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 447d907e-7f46-4416-896e-da36c700dc43 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 776c951d-1d45-4a1f-a91a-50ddf023435c |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 2532ed91-8cd3-4d6d-9eb5-80cbeaa4d36c |
| UNKNOWN | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | e3ede816-56ed-4aff-bd20-be1d5a3546b4 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 05:58:52 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 8c51247e-4ace-4f32-9b34-8c5bfa0ed2b8 |
| 185.177.72.16 | ip | 2025-07-23 03:39:45 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials, coupled with LFI attempts. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | e29e846c-9b16-4194-8b08-889eaa85f71b |
| 157.180.49.118 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | b6a146e0-0715-4dc2-bb13-5087b5a0fe1f |
| 123.6.49.50 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | d24f657a-34b6-462d-b024-e0382a42f6d8 |
| 103.207.148.148 | ip | 2025-07-23 02:50:12 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | ae365abc-5c84-48f0-a7d1-f13208763838 |
| 101.55.81.36 | ip | 2025-07-23 02:50:12 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 68f44ce6-4f58-40a2-ab39-1b26db62bd60 |
| 185.177.72.106 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | ece7b827-8023-439c-83d4-44753b5e3c80 |
| 185.177.72.104 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 10d38af4-a8fb-4f54-a3e2-5a1f6b18d8b3 |