Table: Security_events
Displaying rows 96901 - 96950 of 120479 (Page 1939 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 101.55.81.36 | ip | 2025-07-22 15:00:34 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 2dc8d96a-9978-4ba2-a297-24fc068494a1 |
| 185.177.72.104 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 76f76f9c-eb2e-4794-a78b-b1d88c921695 |
| 178.33.134.25 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 39218e86-22c3-4563-a609-783eb2c3ee06 |
| 185.177.72.144 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 9f4e6800-e0f6-4ae7-92a5-0bad47b71929 |
| 185.177.72.12 | ip | 2025-07-22 15:00:34 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | bb3f0f2e-454e-41fb-aee3-daacf772f8f6 |
| 185.177.72.11 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 9473773a-43f5-4cfe-9eb0-7da2be02a44f |
| 185.177.72.3 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 5e426046-5d57-4a6f-8ded-e7a820e3c858 |
| 185.177.72.205 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | fada09cd-a553-42c1-b4d8-f5190854df50 |
| 185.177.72.204 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 95fd4a7e-6294-4fd9-b5c6-1d7c73607068 |
| 185.177.72.2 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | d3344b55-0057-47b6-97d8-029697a341e2 |
| 195.178.110.161 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | c49e2137-2b69-41d7-b57f-27cac808872e |
| 194.50.16.252 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | fa99900c-0d78-4042-8cef-8975688486bd |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 12dcc763-2e42-4079-b7c2-941577d734a8 |
| 20.171.207.158 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | f6a41222-b08e-460e-848d-5c084514ecad |
| 205.169.39.130 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 6ddeb6e2-794f-4203-8794-311e6a426edf |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 60aa1c73-b809-4614-b69c-59c096816da3 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 221f7ea0-24c9-4cc5-8872-a54223afd40a |
| 216.126.227.20 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 4c992a01-1ee4-4ad8-acb0-eb88e14edeb9 |
| 205.169.39.4 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 3ef088e6-9267-4118-95c5-4bacc8a9194b |
| 3.92.177.104 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | f9ab4f23-12c3-4c5f-907b-0f9a4a4597d6 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 8f382227-6662-4823-9f07-eb69e6067010 |
| 34.116.246.85 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 874cd00e-418a-4ec1-8948-bcd8dbfad8c7 |
| 34.116.172.61 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | c92dff8f-89d1-486e-8a77-250f532e9fad |
| 66.249.77.104 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | be1ea5ea-61f7-4493-af0e-c27f1fcae06b |
| 66.249.68.133 | ip | 2025-07-22 15:00:34 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 8bf9a201-e345-4568-b1cd-807ea263fde2 |
| 51.38.105.105 | ip | 2025-07-22 15:00:34 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | f98a2e39-81e0-426b-a0ad-ba9184e466a8 |
| AS211590 | asn | 2025-07-22 15:00:34 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 1aa78384-ec0a-4c2a-bd08-ddd334c6db05 |
| AS16276 | asn | 2025-07-22 15:00:34 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 4988cea0-30bb-4719-b3b3-e8279eaaaae6 |
| AS132203 | asn | 2025-07-22 15:00:34 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | f1bec366-5615-4fdf-89d0-d18ac33a12d2 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 6477aa66-9be2-49d3-8591-94aa3194f99e |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 67d0c7ba-2e8a-4972-bb73-53af39e506ba |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 12cd926f-9422-416c-b940-6906bf2779fe |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | deb71e76-47f2-48e5-af47-6e6e0e4117cc |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 9c36f8d3-b99a-4c5b-b380-e8d1056a526d |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 3133fa57-17a8-47f1-9f92-bf9b08ec7164 |
| UNKNOWN | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | a52165c6-8123-4532-9c3c-e06c0809ae5f |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 15:00:34 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 376a27ef-699d-4e77-a94f-8e3614b8ed74 |
| 157.180.49.118 | ip | 2025-07-22 14:55:39 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 801b702a-8371-491b-b3b9-aa9b404c6a42 |
| 185.177.72.104 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | a9e5459a-b641-4acd-b6c4-f2c92be5223e |
| 178.33.134.25 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | a0f809fb-0f11-463b-91e8-a002d00928b8 |
| 185.177.72.144 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | cd602aba-39b3-4d26-82eb-867e83c4ba21 |
| 185.177.72.12 | ip | 2025-07-22 14:55:39 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | f55a5f1c-ccaf-4167-8bdd-e96dadcced02 |
| 185.177.72.11 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 9a3229fc-a4a9-42f5-99b6-91cef9ca0008 |
| 185.177.72.3 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | facf2a8a-0491-4da9-acad-3ab32d3fca32 |
| 185.177.72.205 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | d897bc97-9cb0-4b77-b624-6b25cc6f05af |
| 185.177.72.204 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 13183979-0e68-4cf6-8772-0bb580668f93 |
| 185.177.72.2 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 9c485774-d8ca-449f-9409-49a0bb6b3f0d |
| 195.178.110.161 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | c7021b2f-12b7-4a87-a511-4c4f56a04c7e |
| 194.50.16.252 | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | d3ef995a-387c-4640-8156-e5ea41924d09 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 14:55:39 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 65a1dced-b2a0-4176-a584-dd98b0b5cc63 |