Table: Security_events
Displaying rows 96551 - 96600 of 120479 (Page 1932 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 194.50.16.252 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 794ba3ea-1486-4098-ab90-d63267b78db0 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 61f5cf2c-44a3-426f-a554-a0d800af71eb |
| 20.171.207.158 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 723959f4-0acd-4549-8e93-69c266e1b4a9 |
| 205.169.39.130 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | bb51cf15-ffbe-4a51-8b2c-2c8898dcf6bb |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | c142ad7b-a435-4add-b774-ef42c8b02bbc |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | e4b1fced-348e-41b0-afa3-5c103d42ce8d |
| 216.126.227.20 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 7051fb18-3710-4cbb-8462-4f0a4636c292 |
| 205.169.39.4 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | d0559f6c-3718-466b-be70-73e9a89307a7 |
| 3.92.177.104 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 50f34754-b233-4679-9003-e3a4ce1dedd9 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 21dc1341-3267-4d16-82c8-a467b0ca47cd |
| 34.116.246.85 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 9bcc5d4f-d7b4-4877-a5fc-e9a4c9c95174 |
| 34.116.172.61 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 2efb8341-ad37-4917-86a5-ed520559de87 |
| 66.249.77.104 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | cad06050-2da8-4ce0-beaf-3e75a75b9491 |
| 66.249.68.133 | ip | 2025-07-22 21:07:46 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 318b650b-2af7-4aa8-9524-8336678aa16d |
| 51.38.105.105 | ip | 2025-07-22 21:07:46 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | c6af4cad-e6c2-4aa7-a8ba-b113ddeb9391 |
| AS211590 | asn | 2025-07-22 21:07:46 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 76b638fc-b06d-4ebd-8f28-64dd4b3cb036 |
| AS16276 | asn | 2025-07-22 21:07:46 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 26512d8d-ae78-4747-a762-17fbf3b840fc |
| AS132203 | asn | 2025-07-22 21:07:46 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | ffccd0cf-0431-43da-87ea-e9cea92ab01f |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 96187478-3761-4fe5-b1dd-0431bab29bca |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | ee9a103e-79e7-47ba-9764-34e45a7b5dfc |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | df7dab8b-34f9-4594-90c5-7435eb5cc55d |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 3a0d23db-bdff-48bd-b0f1-15cbd91bed53 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 59873b2f-2b95-43ed-9766-888bda39d4ad |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 0d7fe2d8-8ef1-4d6a-8c73-09a2d98278a7 |
| UNKNOWN | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 5ead08b7-e36f-416a-9f6a-f5db49015115 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 21:07:46 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | bd82a3d7-ecc0-4cee-8806-f7db84b390c9 |
| 185.177.72.106 | ip | 2025-07-22 18:30:39 | block | Critical malicious activity; 100% of requests flagged by WAF, aggressively targeting sensitive configuration and credential files like .env and aws/credentials. This IP is part of AS211590, which is already blocklisted for similar critical threats. | 1.0 | severity: Severity.critical | a3ee2423-d2af-407a-9ab0-1d8b57351eeb |
| 157.180.49.118 | ip | 2025-07-22 18:14:16 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 57115550-2dc1-419b-9cae-e329f66ec2f3 |
| 123.6.49.50 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 43e23f10-fbc1-4aca-ba21-7c1bb8df9158 |
| 103.207.148.148 | ip | 2025-07-22 18:14:16 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 5b943a69-b85f-49bf-9b49-1c47a7e4e95a |
| 101.55.81.36 | ip | 2025-07-22 18:14:16 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 32a1e377-393e-43f4-b80c-1fd4f66b9db6 |
| 185.177.72.104 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 2230b513-3452-445c-88f9-c2ce9c3b1d46 |
| 178.33.134.25 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 84439a00-2ca6-40e1-bb46-e931c451a87e |
| 185.177.72.144 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | f7b06fba-629a-4413-8070-e8990f0d1322 |
| 185.177.72.12 | ip | 2025-07-22 18:14:16 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 5018ce91-4ed9-4ac8-875c-24c236dbb70a |
| 185.177.72.11 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 54f6e73d-ee16-4ec3-8a68-594c8daa321f |
| 185.177.72.3 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 193595f5-7dbc-4d28-b2ee-521fa9ff70f6 |
| 185.177.72.205 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 1e6f9adb-d9d5-48d5-9644-c3a5523c69f5 |
| 185.177.72.204 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 01083103-46f5-4dee-8d35-c238a2b78572 |
| 185.177.72.2 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 8f54c1b9-7087-4acc-b9d7-fbbc37e7e1cf |
| 195.178.110.161 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 90ae51a1-aa6d-428c-b5ae-e45d0d6b4c9a |
| 194.50.16.252 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 368d42a7-f70e-41d3-a43f-c5e2c3a710c6 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | d0242582-81dc-4e96-89b1-63311a51688e |
| 20.171.207.158 | ip | 2025-07-22 18:14:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 13c00fb9-8cd8-4b6b-aaa3-41f0aa18660d |
| 205.169.39.130 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 6c6f217e-96fe-490b-b7b9-158124ede29e |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 18:14:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 1062a50f-a39b-487d-8482-134119bcebdc |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 18:14:16 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 4c2fc520-601b-4411-a10b-a4ad44714c89 |
| 216.126.227.20 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 4d03d024-48f9-4d77-b253-079b24a676ad |
| 205.169.39.4 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | e6b46519-c2af-4981-a4db-f7d835b43f6b |
| 3.92.177.104 | ip | 2025-07-22 18:14:16 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 22381fe0-4f6e-4068-bc79-49c93ea91ec6 |