Table: Security_events
Displaying rows 96501 - 96550 of 120479 (Page 1931 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 178.33.134.25 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 002c4cc3-c680-4055-88b1-3ab948655760 |
| 185.177.72.144 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 7d5017e7-66a7-4225-8a39-179cd8ec4160 |
| 185.177.72.12 | ip | 2025-07-23 02:50:12 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | ce9bef69-39dc-4674-9fad-1182aa2b706f |
| 185.177.72.11 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | dcfda66c-9ac9-4222-838d-a8657e1fef49 |
| 185.177.72.3 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 89d56649-e390-4def-bf33-e4168156ff8e |
| 185.177.72.205 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 411f58d1-21f2-4562-969b-53ff03292afa |
| 185.177.72.204 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 413e43da-a3ed-487d-82d9-8ec4392b5bc6 |
| 185.177.72.2 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 6da933c5-8d00-431d-8565-3138fb35ccc8 |
| 195.178.110.161 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | c5422d20-e02c-434c-9a70-fdd99b34c963 |
| 194.50.16.252 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | fbf8bfd1-59f4-44df-86a9-c8461e221997 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | d58e3059-09d9-40a3-9ee0-dfb01e2194f8 |
| 20.171.207.158 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 8ce5c049-c497-4e3e-89cb-979530beab55 |
| 205.169.39.130 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 639941e7-5cc2-48ba-8477-602ebd2de3dd |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | a3e62d98-e5f9-4f35-beec-eb4626abee2f |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | e2b51ba1-6a6c-4a89-8bdd-9849594c7c5d |
| 216.126.227.20 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 0a2d2635-e4db-4239-83b9-8cd40131c9b9 |
| 205.169.39.4 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | b896656b-ed3a-4cd5-a378-9ce1dab18318 |
| 3.92.177.104 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 85b400b1-a24b-4699-8fb2-78a7c3f82807 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 2ddb2d3d-4125-4723-87ec-337803c07a01 |
| 34.116.246.85 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | a2fc1a1f-ee22-4bb3-9b4f-4441b9cd6a4d |
| 34.116.172.61 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | d202f1cf-1036-430c-8597-087a5f882423 |
| 66.249.77.104 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 9312a5a8-6f3d-467f-851c-01d341915c7a |
| 66.249.68.133 | ip | 2025-07-23 02:50:12 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 402ed3b6-19b8-4864-8e5e-a3b246de8a1b |
| 51.38.105.105 | ip | 2025-07-23 02:50:12 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 2caf98ab-ea4c-4740-88e0-9c766d254e8a |
| AS211590 | asn | 2025-07-23 02:50:12 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | ce3322cb-5cc8-4009-b5c3-c2395b22c6cc |
| AS16276 | asn | 2025-07-23 02:50:12 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 9e529d5e-01db-4e2a-ab68-ce9b299de52b |
| AS132203 | asn | 2025-07-23 02:50:12 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | d761a7ee-4abb-4552-bb31-d1a1497611d6 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | da4d3bc8-5781-4090-9666-0ce4e2e7c49e |
| 3%7e2faa3a9db1c111de | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | dae86347-29cd-4fab-86af-2ec04541ec01 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 86a6224f-4c22-484e-8d1f-1b5e86b38c0b |
| 3%7ede293936a8dc4153 | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 8429e3a0-9509-4f43-9432-6b7da0e5e014 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 3d640beb-636b-4fa4-8980-71ac126c05ac |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 9dbed19e-cffe-4ab0-adf6-7ad670f7ca69 |
| UNKNOWN | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 02f7bcea-ea42-4b98-b1df-224a43fdd539 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-23 02:50:12 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 3dfc1db7-ebb0-42e1-a76b-a39099c98fec |
| 157.180.49.118 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 0804b666-56bf-4b8f-9646-fa27e621e114 |
| 123.6.49.50 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 46b38344-003b-4489-9042-6269ab7646ba |
| 103.207.148.148 | ip | 2025-07-22 21:07:46 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 098aec80-b789-44e3-82b6-b9b2ff13868a |
| 101.55.81.36 | ip | 2025-07-22 21:07:46 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | c330f7c8-addd-41f9-bf34-9cf5d078db16 |
| 185.177.72.106 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | 8b243ce3-f704-4b16-a837-544821a709de |
| 185.177.72.104 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 84e08303-9ce6-412c-8b28-ec9e71bc9c1b |
| 178.33.134.25 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 0745da7b-1f70-4f51-861b-eb408ef6f4fe |
| 185.177.72.144 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 3273ed1b-a037-4d0c-98c4-e1f9479ad9d5 |
| 185.177.72.12 | ip | 2025-07-22 21:07:46 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 21894dac-6fcd-466b-aa52-e61a3787d69c |
| 185.177.72.11 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 05b22409-b96f-49a0-8cad-40a7aab7ecb1 |
| 185.177.72.3 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 90693670-841a-471f-bfe6-ade084736381 |
| 185.177.72.205 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 76414f17-caeb-4359-a896-77a7b91429dc |
| 185.177.72.204 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 3b0b4148-9551-47b4-ae27-08dc7d8f1385 |
| 185.177.72.2 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 292c6496-4fa2-4f89-b300-0f1479a9da74 |
| 195.178.110.161 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 443601b2-1e4a-422e-9152-df0b809409ef |