Table: Security_events
Displaying rows 97501 - 97550 of 120479 (Page 1951 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 101.55.81.36 | ip | 2025-07-22 12:25:32 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 26965fec-e1de-40df-950d-a36bfb94962e |
| 185.177.72.104 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | e9b27724-861e-4c81-a7d5-eb2be86749d7 |
| 178.33.134.25 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 6f2a9198-0d4f-43c0-8f1e-6f6016e5296e |
| 185.177.72.144 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | a8cb9781-753a-4919-be49-a51d2e3732a3 |
| 185.177.72.12 | ip | 2025-07-22 12:25:32 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 8a88ebb0-f87b-46b2-bcd9-c204c6798473 |
| 185.177.72.11 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 8739fea1-e883-4d58-b308-9dabd0088ce7 |
| 185.177.72.3 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 625db99b-5e71-42e6-b4c6-84ce03c3a0ad |
| 185.177.72.205 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 68ae0e7b-bdbb-48ec-b145-a15b745c6b2b |
| 185.177.72.204 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 46e60056-3e49-466f-b788-99dc788f592b |
| 185.177.72.2 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 13fa7f0b-037c-447f-9128-b7e14550215a |
| 195.178.110.161 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 5ab8368c-0bd3-44c9-9a37-54eaf18e8895 |
| 194.50.16.252 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | c414da63-08cb-4ede-80b9-556b1809693f |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | e4f8960a-7037-448b-b4b0-fb1cacd01bc1 |
| 20.171.207.158 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 9b3ce215-0b6e-4e7d-b50b-d3f261ae99c6 |
| 205.169.39.130 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 66305218-081d-4c6d-98c1-7fa05497ef95 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | df6b9054-0e65-4fa5-b85d-42d82b9e0218 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | cde0a235-088e-4447-8f60-06374cfc9b57 |
| 216.126.227.20 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | b0526ce2-39ad-4289-a1bf-ba35f784abc6 |
| 205.169.39.4 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 5dd4508b-7c64-48c9-947b-34bc92cd503d |
| 3.92.177.104 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | d8a56dd2-4fdf-4326-8b66-60c172488051 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 8f754972-1368-4872-ae0d-377d00c19720 |
| 51.38.105.105 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 19fb25ee-7419-4037-b9bf-408aa7ac761b |
| 34.116.246.85 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | a9d38ef3-09c2-4973-a367-d9173341d67c |
| 34.116.172.61 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | d3ca7b5c-4a3e-44df-bad1-32692c10a267 |
| 66.249.77.104 | ip | 2025-07-22 12:25:32 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 9a56f942-a419-4835-8533-2be47360b988 |
| 66.249.68.133 | ip | 2025-07-22 12:25:32 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 69f9d4e7-049c-496c-ae3b-4e644aae59a0 |
| AS211590 | asn | 2025-07-22 12:25:32 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 5dc804ee-6917-4849-bf16-1012875b7c05 |
| AS16276 | asn | 2025-07-22 12:25:32 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 20259729-9bf9-4a7d-872d-e979290ae497 |
| AS132203 | asn | 2025-07-22 12:25:32 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | bc6e45ec-3ee3-4c64-a41c-fe940bc149d7 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | f46dd852-71e4-4edf-8c7b-4afa274c0b85 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | c4b8fe5f-2830-4104-9d26-a22719b14382 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 04a2bfc2-0c59-4d7c-92bb-92f19d2bf384 |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | 53fa6621-22a5-46e8-b238-58159bb13912 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | e75f0187-7a93-4815-a1cb-658a6a52ced5 |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | e8f7b994-893b-43ef-a953-a8349fc17fbf |
| UNKNOWN | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | fed35075-00d7-4db4-8681-556a4e2ef937 |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 12:25:32 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | f0743555-5ed1-4bbe-9233-8670fedce947 |
| 157.180.49.118 | ip | 2025-07-22 12:05:25 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | c14288c5-0f6b-4ae2-84e9-c4d51cd38449 |
| 123.6.49.50 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 2128f3e5-b0fc-436d-99a7-98d58811f896 |
| 103.207.148.148 | ip | 2025-07-22 12:05:25 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 10230e3c-1024-4f33-8195-76bd008cf158 |
| 101.55.81.36 | ip | 2025-07-22 12:05:25 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 62d55bfd-4ebd-42ae-b6f9-b8b4e6d02597 |
| 185.177.72.104 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 5a5c1d11-924b-494d-ae2c-cd807a4413f0 |
| 178.33.134.25 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | d6ef94ce-2b63-49ce-a606-1edb840daf23 |
| 185.177.72.144 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | edded3f8-4334-4842-8d97-19565a4ac20f |
| 185.177.72.12 | ip | 2025-07-22 12:05:25 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | d32036ce-a6ff-40e7-b3c0-ba56afcb8f44 |
| 185.177.72.11 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | b4585b99-a335-435c-9c47-81f4e2f1fe03 |
| 185.177.72.3 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 14fafde7-e289-4bbf-88d1-0f049a8593b1 |
| 185.177.72.205 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 2627fa92-69ca-441a-8c26-eb9141a76330 |
| 185.177.72.204 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | f4462a51-53c5-4737-be79-1ed03f63ff8c |
| 185.177.72.2 | ip | 2025-07-22 12:05:25 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 5d1c4a5d-463e-4678-b741-c58735223751 |