Table: Security_events
Displaying rows 97301 - 97350 of 120479 (Page 1947 / 2410)
| Entity | Type | Event time | Action taken | AI reason | AI confidence score | AI details | Event ID |
|---|---|---|---|---|---|---|---|
| 101.55.81.36 | ip | 2025-07-22 13:20:31 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | ee366f5c-e34d-4236-a008-9fd0f1b1bdb2 |
| 185.177.72.104 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 63120bea-3258-41ca-95d4-eaeb604cd9fc |
| 178.33.134.25 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 81caae6b-504f-4fcf-a58e-0fb86ee0db1d |
| 185.177.72.144 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | b622687b-fd13-42eb-91a1-67b4138be473 |
| 185.177.72.12 | ip | 2025-07-22 13:20:31 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 7e6fef6c-4b2c-4924-8c6c-04dffbbcec4f |
| 185.177.72.11 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | d6674b97-7f63-40b2-9fa9-64e1391eeaaa |
| 185.177.72.3 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | e3411af5-ced8-4d8c-bb05-42f663392fea |
| 185.177.72.205 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | a365975f-63c2-437a-9941-f38696c1f096 |
| 185.177.72.204 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | d975a38e-a6f2-43a1-8c42-2d86d6bdfa75 |
| 185.177.72.2 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | ad087acd-b901-4cf1-bfa6-797653148dc0 |
| 195.178.110.161 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 81cab1a4-0064-49d2-ad09-9c4e113d6a0b |
| 194.50.16.252 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 39de568b-622e-456b-a557-ee23fbca4738 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 2959cccc-4750-45ce-9f08-457475790934 |
| 20.171.207.158 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 34fdfb6a-aa42-475e-b918-b02d31c5fa56 |
| 205.169.39.130 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 3afdd07d-37be-4b60-a33f-60a1593820d4 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 50c95e77-d6f6-446e-a2d8-5ccd34587b81 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 69386dc9-5475-4c88-b4ad-0eb575f4e493 |
| 216.126.227.20 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | b93a8ca7-3af9-4783-bd45-4d7368268c35 |
| 205.169.39.4 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | c2a24266-aee4-47ff-a6ea-841698d8efed |
| 3.92.177.104 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | ac903339-5886-415c-bbf5-e57ca51f81ee |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 18467200-eb2f-4cbb-9160-ac0298f0d0d3 |
| 34.116.246.85 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 75d000cf-6faf-4f18-8af5-cfb00be45487 |
| 34.116.172.61 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 17552fb2-3d67-4018-b5eb-aecdc1c84f05 |
| 66.249.77.104 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 72a935f5-792a-45e7-baae-45ef425ca1ed |
| 66.249.68.133 | ip | 2025-07-22 13:20:31 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | a70e1621-b425-478a-adae-aa24cc4700f7 |
| 51.38.105.105 | ip | 2025-07-22 13:20:31 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | d0a21567-0adb-428a-bb93-fb255f543132 |
| AS211590 | asn | 2025-07-22 13:20:31 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | fef40ff6-cc81-4024-bf24-e97a77b5647c |
| AS16276 | asn | 2025-07-22 13:20:31 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 69a55020-03f1-4058-9a74-5e77b0389781 |
| AS132203 | asn | 2025-07-22 13:20:31 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 01d5e495-74f3-4dca-a62d-6f1a3113ceb2 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | f83379a8-dcd2-491e-831d-4e62c9879714 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 020d1e0a-5e43-4760-80ae-cea4c51c94fc |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 3cc84713-df8a-439f-823f-fcd70cfb49c2 |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 2e48ee0a-0196-483a-93b5-d19418193ec0 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 130ade18-ffb4-4ba6-a807-97b36700493f |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | d889b78a-85bb-4ba4-bcc6-6a6792a39836 |
| UNKNOWN | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 624239b0-0a19-4a2f-83e6-326ee05b1d0e |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 13:20:31 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 13bb47d1-2be4-4197-be77-d3b869612bc6 |
| 157.180.49.118 | ip | 2025-07-22 13:15:47 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | c9a5e468-384e-4d7c-bc26-7ed6813b9adf |
| 123.6.49.50 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 2a7de1f7-7de8-4d78-8a42-2e265b70ecc4 |
| 103.207.148.148 | ip | 2025-07-22 13:15:47 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | ab3dabb9-0123-4f16-b4a9-39bbf978c984 |
| 101.55.81.36 | ip | 2025-07-22 13:15:47 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 2b3df8a8-1e60-4417-9b0c-c6d6d6a4c084 |
| 185.177.72.104 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 0cfa95ae-7f27-450a-aec5-68c4add39d22 |
| 178.33.134.25 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 38780bb6-721a-494e-98fb-bd868f2a387b |
| 185.177.72.144 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 1599df38-9180-4d6c-950b-3458b7ef6113 |
| 185.177.72.12 | ip | 2025-07-22 13:15:47 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 19eacfa8-4932-4f73-a704-4c691db17e89 |
| 185.177.72.11 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | a5699401-c01d-4b27-b7a1-31dd3be1eee5 |
| 185.177.72.3 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | fea8097c-b3fd-4e98-910c-dfdc7698ebfc |
| 185.177.72.205 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | abd8ea7c-5d4a-451e-ac9c-d8b58788c512 |
| 185.177.72.204 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 42e5ae86-ea7f-4389-b627-439252725f84 |
| 185.177.72.2 | ip | 2025-07-22 13:15:47 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | a9a80b89-851f-4810-bfe5-0878b3e19313 |