Table: Security_events
| Entity | Type | Event time | Action taken | AI reason | AI confidence score | AI details | Event ID |
|---|---|---|---|---|---|---|---|
| 157.180.49.118 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 27e95c3c-a72c-474c-9600-f5b3a19d1464 |
| 123.6.49.50 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | fb3cb1f7-ac2f-4a9a-a01b-698f43b6b940 |
| 103.207.148.148 | ip | 2025-07-22 15:40:51 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 14cf0f1b-a77c-49a7-9bac-1c0886beaa09 |
| 101.55.81.36 | ip | 2025-07-22 15:40:51 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 0780ceda-7390-450a-8ba8-4b150aec092a |
| 185.177.72.104 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | ee5fa0cd-b256-41fd-af99-ba3c8f0469f7 |
| 178.33.134.25 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 3efa123c-a7ff-4fd9-9940-a8b56c7995f3 |
| 185.177.72.144 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 3cb865da-6846-4a25-827f-09e343cf19c1 |
| 185.177.72.12 | ip | 2025-07-22 15:40:51 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | ef48aa46-a2c5-4c69-8d25-5cb12d7df7f2 |
| 185.177.72.11 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 76352991-d6fa-440c-93a8-4dc43b70a9b6 |
| 185.177.72.3 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 565bbbfd-45a2-43ca-9b3c-3b461c49cc13 |
| 185.177.72.205 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 5d8fff75-68a9-4f60-ae0a-dbfc614453a0 |
| 185.177.72.204 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 1213faf7-7b41-44ed-ba12-9788ddf70154 |
| 185.177.72.2 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 4260acbf-81e8-4f9b-8b67-dc6b28aea6d0 |
| 195.178.110.161 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 5cc3c2e6-8999-406d-a1e6-4748d27bf7aa |
| 194.50.16.252 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 1c0e0b19-e1cd-432d-ae0c-35f5107a1167 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | ec9c2013-b1f4-42ff-96a0-3f5cd5cdb29b |
| 20.171.207.158 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 568b7882-298f-4f47-94f9-a143356f4ee9 |
| 205.169.39.130 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 54ce9f12-3195-4851-97a2-d783637d5ec0 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | b55ce74c-1267-4bd2-97dc-308f9c1d076a |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 9f91ad58-8d73-41b6-a1cd-56861e4f534f |
| 216.126.227.20 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | a31cd217-9666-4229-8781-372b385a84ac |
| 205.169.39.4 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | cfa3605a-9340-4dae-8889-bce9cd61422e |
| 3.92.177.104 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | b3ef08a6-282b-41aa-a70e-263f5f6b729f |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | f03171d4-7aa8-415b-b828-3f732b37cffc |
| 34.116.246.85 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | b0046568-7656-4fc1-9f17-5c80749a8f3a |
| 34.116.172.61 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | b71b89df-7567-4d63-bde2-2488325407ed |
| 66.249.77.104 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | f8639567-ab46-445c-be96-75574f120bdb |
| 66.249.68.133 | ip | 2025-07-22 15:40:51 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 79cffd48-9754-4a0c-8616-acb5893cc9fe |
| 51.38.105.105 | ip | 2025-07-22 15:40:51 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | a0fdef23-23a8-4077-9e94-03a154dbe549 |
| AS211590 | asn | 2025-07-22 15:40:51 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 5a26139d-ef83-4e87-9d51-681db580ca1c |
| AS16276 | asn | 2025-07-22 15:40:51 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 2ff8cb64-4fa8-41c5-958b-9db33e29a143 |
| AS132203 | asn | 2025-07-22 15:40:51 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 4433a044-0806-47f4-88fc-823c6e60bfac |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 15:40:51 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 03a8e041-33b6-4d99-a14b-8cfa98e5b514 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 15:40:51 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | e1bfc7bb-e4ee-4d0a-8bfa-999cc37ea465 |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 15:40:51 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | f46c82ba-9c2e-47c1-8b67-987c5b4c191f |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 15:40:51 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | d59dbddd-af90-4f7a-857c-d5dc988e8701 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 15:40:51 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 7481fbd8-5a1a-4176-9c1c-1ca90c2eb877 |
| 157.180.49.118 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 0129a23c-bf55-4366-9052-fdf978a5b7d1 |
| 123.6.49.50 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 6f65f0de-6468-4b23-99fd-fa0a86a3710c |
| 103.207.148.148 | ip | 2025-07-22 15:35:56 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 870270bd-5f1e-4594-8d9f-22430a16914c |
| 101.55.81.36 | ip | 2025-07-22 15:35:56 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 4eb4746f-64b6-4b05-9539-fb05247decdc |
| 185.177.72.104 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | adb86cf6-8c21-4d30-93ab-188931ea156c |
| 178.33.134.25 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | cb2f1447-5293-4cd9-9295-78bfd123dfcd |
| 185.177.72.144 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 105961fc-289c-47a6-83fe-2827bceaa090 |
| 185.177.72.12 | ip | 2025-07-22 15:35:56 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | cc3c8d01-8ef8-4f58-87d3-59fbbcdee866 |
| 185.177.72.11 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 5aeefdee-433e-4463-b04e-169b21e0810f |
| 185.177.72.3 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 6d2cb5a0-cb0e-4b56-bb7d-789c7b410b0d |
| 185.177.72.205 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 8130bea5-70df-4aa7-ab82-5930bc2c63bc |
| 185.177.72.204 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 137c3f29-e2ab-4d5a-a326-9602853fadcc |
| 185.177.72.2 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 7e7208b8-b7e1-413e-8a9c-21e5609104c3 |