Table: Security_events
Displaying rows 97401 - 97450 of 120479 (Page 1949 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 185.177.72.11 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 0dea22c3-2495-429f-a2e1-ee3a34e8f14f |
| 185.177.72.3 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | d1377e8b-4b82-4c19-bfa9-fdc4eda38177 |
| 185.177.72.205 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 5c6f52bc-f38b-4b52-ba92-4897c975d2fc |
| 185.177.72.204 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 601229d6-952e-46d0-87f2-3e260fe4d75d |
| 185.177.72.2 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 7789ea74-408c-42fa-a72c-e2352043d8e9 |
| 195.178.110.161 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | b1964766-f2bb-4ada-93c3-0fd6fbda8b14 |
| 194.50.16.252 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 753d4c9f-6a2c-4b5c-ae14-093854ba8c77 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 9f2644f6-913b-44a7-b386-45ad4f9b97df |
| 20.171.207.158 | ip | 2025-07-22 13:10:30 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | d0464cdd-5f1e-41e5-8ca3-17a365555030 |
| 205.169.39.130 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | ad30e35f-9328-479b-abfe-9f9b765a8d25 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 13:10:30 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 79177e15-726a-447c-869c-b23f770aeeed |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 13:10:30 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 1da1a5fc-f398-4b74-8419-bf0319d9565f |
| 216.126.227.20 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 7c2bc077-6eaf-4053-9d81-a04e4f9c79f1 |
| 205.169.39.4 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 3ca7d030-778e-43d7-bf30-14bb7c42ad1a |
| 3.92.177.104 | ip | 2025-07-22 13:10:30 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 07492561-c963-4dfa-8385-41f857cb89f7 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 13:10:30 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 80a22b43-1286-467e-9a4f-5bd80f7c45d0 |
| 34.116.172.61 | ip | 2025-07-22 13:10:30 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 3f968182-2dc5-4240-a830-0c65be2337a5 |
| 157.180.49.118 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | fe539c3e-0277-4455-ac4c-96f7130b9390 |
| 123.6.49.50 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 7de36db9-d549-48af-b8e5-bc8dad29b880 |
| 103.207.148.148 | ip | 2025-07-22 13:05:34 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | debf32bb-d44f-45b6-8dcb-9d2172aca118 |
| 101.55.81.36 | ip | 2025-07-22 13:05:34 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | b0c8c3fe-ee9d-4b33-824d-abe8942efa68 |
| 185.177.72.104 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 9ec7f1bf-fb5e-470d-b485-879efb12e365 |
| 178.33.134.25 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | bf743ad1-0560-4e03-bdc0-dd3faa99873e |
| 185.177.72.144 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 376b0475-f485-4366-b74a-745069e5c31c |
| 185.177.72.12 | ip | 2025-07-22 13:05:34 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 588571e0-1a6e-464a-9792-32bae5568e88 |
| 185.177.72.11 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | ad1df044-3f5c-4cb9-9df8-95249f1a4c45 |
| 185.177.72.3 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 165eb41c-3eea-4a67-9928-71112f707706 |
| 185.177.72.205 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 02f7c20d-4b5f-4aa3-8f47-e7fe352f5026 |
| 185.177.72.204 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | ee27abde-579a-4132-9853-2ea8f0077b2e |
| 185.177.72.2 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 938a2afa-8648-4240-a9c2-40f0e3b5a99a |
| 195.178.110.161 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 71d279ae-cc4c-42d1-b5b4-a985337238c2 |
| 194.50.16.252 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | cab2f6ef-1c84-4479-bf6f-6a048df749cf |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 9ef74cb2-b114-4fee-a406-f9dd129c9074 |
| 20.171.207.158 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 3ba8ad02-8a89-4598-9b7c-4b73d1c683d5 |
| 205.169.39.130 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 26eed6f3-c220-449b-81c5-4fc66e9c696f |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 4da0bb93-3cbb-49cb-95a5-56105f442a76 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 7ee856d8-fc1e-4591-bdfe-53ba48e9627d |
| 216.126.227.20 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 77f85854-866a-4211-bc7f-8d8a21f5602d |
| 205.169.39.4 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 2629cd4e-d6d8-47cc-83e5-c6004bffef90 |
| 3.92.177.104 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | fc98bb94-472e-4689-b972-9c8aaed873ef |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | ea23f5d1-4b76-4b31-808a-7967aaf3bcf2 |
| 34.116.246.85 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | a5e51278-2490-47af-baa0-a217ba6ce389 |
| 34.116.172.61 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | cf86f23e-d680-4fba-9209-c7110d1c7fd9 |
| 66.249.77.104 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | c8f8c998-46f2-4317-a2f9-341eecf136f5 |
| 66.249.68.133 | ip | 2025-07-22 13:05:34 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | a311c346-f822-4671-8b0a-f9777e58eed0 |
| 51.38.105.105 | ip | 2025-07-22 13:05:34 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 49e794c4-c247-47ae-924e-014346097f0f |
| AS211590 | asn | 2025-07-22 13:05:34 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 8dd9967a-9d24-4e23-8a61-6855be7b0874 |
| AS16276 | asn | 2025-07-22 13:05:34 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 0e88e0bf-1511-4461-9126-54933293a06b |
| AS132203 | asn | 2025-07-22 13:05:34 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | fdeea01e-0500-4e31-8616-9c3615c00b17 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 13:05:34 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 64263065-1b3d-48f0-b70d-f85aad80c90b |