Table: Security_events
Displaying rows 96751 - 96800 of 120479 (Page 1936 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 195.178.110.161 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 80ffad10-8e57-4079-9e27-1ae26602f236 |
| 194.50.16.252 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 557af853-5da9-404d-bc5a-d07de9e589e9 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 2d8eba1b-89c0-45eb-952a-0c5b9774cf77 |
| 20.171.207.158 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 31034d96-91cf-41ae-8025-19dc389720d0 |
| 205.169.39.130 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | adb8e27e-c993-4b31-b2d4-46b32b9378b5 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | bdc47945-9a7f-46e2-8427-509d1477639b |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 3d40028b-69a0-46cb-824f-92b7a25527d6 |
| 216.126.227.20 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | e2feb294-8cf2-4573-a587-0a913d6dbcb6 |
| 205.169.39.4 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | fddb0640-ed69-4756-b4f5-a18fd787c83a |
| 3.92.177.104 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | e85bd0e7-74ea-4926-8b36-a40dba040d35 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | c6a5dade-4767-4605-80e5-84e0f19a1575 |
| 34.116.246.85 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 374891de-9f67-43c8-a916-5a54d1dbecf8 |
| 34.116.172.61 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | e52be820-0b5f-4b8c-a9df-9d4ca9752d31 |
| 66.249.77.104 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 7e5a67da-70d8-4d49-abbf-1b37262ece9c |
| 66.249.68.133 | ip | 2025-07-22 15:35:56 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 61fe1136-8dca-4dfe-bcf9-8d066ae4799a |
| 51.38.105.105 | ip | 2025-07-22 15:35:56 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 4189c27a-c979-4093-8b07-8fbd7fd6df4c |
| AS211590 | asn | 2025-07-22 15:35:56 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | b43ed57c-20a4-4955-a19d-afff39aac74d |
| AS16276 | asn | 2025-07-22 15:35:56 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 99839069-6d6b-4a68-9b2d-4f87e732aea6 |
| AS132203 | asn | 2025-07-22 15:35:56 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 11c3108c-13c9-4c00-af0e-24b95a8d26de |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | ffb859cf-ea61-4a67-8201-6bc1be055bf3 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 41a884a5-dd6a-4cf3-bfee-7824e25979fb |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 69f490ad-836b-4273-8b53-7fef5539bb81 |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 04483fef-bd57-4aeb-8591-af40cebd79b2 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 54b4f150-fa17-4af0-b761-9b1590cec295 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | cb2eb93e-88f9-4477-b8c7-66dbacbd4423 |
| UNKNOWN | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 6ddf4984-2c55-4d1c-bd57-41e1dd66c88d |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 15:35:56 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | ae3e12e0-75ae-4fb0-b786-4ac5f564ba72 |
| 157.180.49.118 | ip | 2025-07-22 15:25:41 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 4ece0e98-014e-4175-8df3-991f6f71b50d |
| 123.6.49.50 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | dc00a339-a594-4a4f-8abc-db9d6fb34d5d |
| 103.207.148.148 | ip | 2025-07-22 15:25:41 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | dc3b5d76-2f66-4e91-961b-f1b2154ee210 |
| 101.55.81.36 | ip | 2025-07-22 15:25:41 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 86f0cf12-289c-487a-a4b3-352db1a5a001 |
| 185.177.72.104 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | fd46e4b9-3403-4522-b09b-5c30a232efc6 |
| 178.33.134.25 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 2c315c49-52d1-4264-93f4-3e81a5b93eaa |
| 185.177.72.144 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | f261b072-a425-4cfa-86a7-eaf7d9e9d46f |
| 185.177.72.12 | ip | 2025-07-22 15:25:41 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 9b9fcd12-c418-49da-9701-b8edc6094050 |
| 185.177.72.11 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 23d76f30-abb3-41c9-a0f4-4e39c1b602b4 |
| 185.177.72.3 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 77a90fec-0fb6-4239-9246-edc280df95b1 |
| 185.177.72.205 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | ec24c0e3-2481-4a1c-8db7-c4fc030e8b13 |
| 185.177.72.204 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | d62ebc90-7159-40a6-9d3a-bc6cb895d7f2 |
| 185.177.72.2 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 6512b8cb-3963-4dd2-a556-79af01cc69cd |
| 195.178.110.161 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | b6e68fd0-d2cb-481e-9c9c-85aeab2247b3 |
| 194.50.16.252 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 0c9c39e3-101c-4a1e-b94b-6ba7cc18aacb |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | c4386070-29a3-402c-974f-93f8d573d380 |
| 20.171.207.158 | ip | 2025-07-22 15:25:41 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 2ab4724c-1cb4-4378-a21d-f37fcd36e0ec |
| 205.169.39.130 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | f61136b0-e808-4397-9c04-3b6e15ce9396 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 15:25:41 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 203d6821-1d7a-45b3-b4d1-6859733afedc |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 15:25:41 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 14b3f28f-bfcf-4e38-8c1e-8d3250a44ef8 |
| 216.126.227.20 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 7deb80ae-9d24-4c5d-a1cd-588ed2f0b5c7 |
| 205.169.39.4 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 5e565b10-2b33-40d4-a855-d89254b77482 |
| 3.92.177.104 | ip | 2025-07-22 15:25:41 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | b4492f95-ceef-4002-9011-760ed2ccb9c8 |