Table: Security_events
Displaying rows 97251 - 97300 of 120479 (Page 1946 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 3%7ede293936a8dc4153 | tls | 2025-07-22 13:30:33 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | e4a238a6-0be8-4474-9cb8-a11f3b73e642 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 13:30:33 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 1d956990-aa32-4a79-8a96-42faca314c66 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 13:30:33 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 38466cc8-29e6-4038-b51d-3a31594eff74 |
| UNKNOWN | tls | 2025-07-22 13:30:33 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | c146431e-9e17-4b08-91c2-ffc728a758e7 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 13:30:33 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | c1fc1089-6dba-4497-b0c5-d4d2506dfd6c |
| 103.207.148.148 | ip | 2025-07-22 13:30:32 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | c071a4ea-0104-45f8-815e-8aec909e800a |
| 101.55.81.36 | ip | 2025-07-22 13:30:32 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 1564a1a8-412e-4f3c-a86b-384d703e4818 |
| 157.180.49.118 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 3fd31f70-bec3-40c4-80a8-8d06b31475e9 |
| 123.6.49.50 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 7da5845d-537e-4d05-9a7c-7b741084d096 |
| 103.207.148.148 | ip | 2025-07-22 13:25:36 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 4538ce6b-ae0d-421f-87f4-468be5f961a5 |
| 101.55.81.36 | ip | 2025-07-22 13:25:36 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | d772028b-bf72-4ca7-a476-2553a0c0ee8f |
| 185.177.72.104 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 7707223f-3a4e-4e45-b9cd-7eb132fed4d8 |
| 178.33.134.25 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 831c8273-027b-4298-975d-9c5591d4db0f |
| 185.177.72.144 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 2fedfe70-0416-43d7-94ba-4a019302e3e8 |
| 185.177.72.12 | ip | 2025-07-22 13:25:36 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | f2c51eac-a53c-49dd-bfc1-04ab66facd5a |
| 185.177.72.11 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 38b72983-b368-43a1-aa7a-8177663e7575 |
| 185.177.72.3 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | ee401d48-0836-40fb-9db5-0ccb6f537994 |
| 185.177.72.205 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | f9f46f48-aed8-45a6-a40b-1eff2f36dc7b |
| 185.177.72.204 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 0f9e3eeb-28c1-4c88-870c-637012edab92 |
| 185.177.72.2 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | d9bfa85b-aea7-4d3b-99d8-94a28139f3ae |
| 195.178.110.161 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 5bb1002a-123b-4f65-90f4-bbb21e64d5e1 |
| 194.50.16.252 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 0a69c552-14ed-4a34-8aff-229e6a119dd7 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | e96f219c-8b9a-419d-9f7b-0e186f40d2cd |
| 20.171.207.158 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | be4ef492-6b80-4865-ab4e-cb0a479858cc |
| 205.169.39.130 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | ed4a65e2-c020-4768-aa5d-bbee5f933f22 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 63a23376-74b0-47fe-b5cd-f1666f29dde6 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 7bdb7fa9-5047-4acf-b846-ef31fd5dcb25 |
| 216.126.227.20 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 2adf3df2-7cda-41b8-ab4a-864d8b691358 |
| 205.169.39.4 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | df7abed6-ceba-4953-aeda-911d5ef876af |
| 3.92.177.104 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | b836557a-d0ad-4912-ad9e-8186dac265cb |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 76bc17f5-1f8a-4e9d-b9ae-7cd6e86c0397 |
| 34.116.246.85 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | b29cc8b4-c0bc-4098-9de3-5a03366ae5a7 |
| 34.116.172.61 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 4ecb93f7-f123-460e-b961-383129d3de88 |
| 66.249.77.104 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 2b9cf466-bc7f-4434-9099-ccb254c59df9 |
| 66.249.68.133 | ip | 2025-07-22 13:25:36 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 8157cdda-4951-4bd5-80f7-aa11f0558a63 |
| 51.38.105.105 | ip | 2025-07-22 13:25:36 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 6200a8be-25ea-4f3c-90ae-681f0913d118 |
| AS211590 | asn | 2025-07-22 13:25:36 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | bcc07e8f-a035-497e-986e-364dd18dbe50 |
| AS16276 | asn | 2025-07-22 13:25:36 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 260d6d45-0827-41cc-9050-02a474ebff93 |
| AS132203 | asn | 2025-07-22 13:25:36 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 70d0e716-08cd-4749-8c10-7d868841d56b |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 67a06d7e-c1b9-48f1-a053-fe71b25e1547 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 821c64cd-6d2d-442f-a5c3-e20e6b6a91a2 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | d756abdd-9010-45ad-81ea-7e65fe795fad |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | ec3b0afe-66f1-4488-84df-3021f94e1b82 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | cdb8d97c-ee77-4016-ae13-e3fda16bf3d9 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 47cf9f8b-15ed-4778-ba25-d40dce613d12 |
| UNKNOWN | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | b4e3f774-a26b-4c1f-98ba-dfd70a04298e |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 13:25:36 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 465b6685-7a7f-43b0-94c2-d73bb3971ce4 |
| 157.180.49.118 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | f735bcaf-dba0-4660-a8c5-09339792045b |
| 123.6.49.50 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 35e0fbb2-164d-4db6-9867-41aab9f08f32 |
| 103.207.148.148 | ip | 2025-07-22 13:20:31 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | da9970d3-740e-4bb9-9fe1-e50b23a9c3b9 |