Table: Security_events
| Entity | Type | Event time | Action taken | AI reason | AI confidence score | AI details | Event ID |
|---|---|---|---|---|---|---|---|
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 11:55:21 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | 13e67543-7b07-4a5a-b7ad-440860777cac |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 11:55:21 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | 72e6e098-80ea-4adb-a841-5ef920913a39 |
| UNKNOWN | tls | 2025-07-22 11:55:21 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | 607cc0de-0856-4a49-85b6-2e33904003da |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 11:55:21 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 3ceb8447-2c3a-4e0b-84da-7e05568fb09a |
| 157.180.49.118 | ip | 2025-07-22 11:55:20 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 01204b7e-e1b7-4fcd-89ac-d395a335d375 |
| 123.6.49.50 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | d68a1b69-08ce-4681-8ee3-bb1a847c0cb7 |
| 103.207.148.148 | ip | 2025-07-22 11:55:20 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | a235f56d-1389-42c8-b274-87fe7832c006 |
| 101.55.81.36 | ip | 2025-07-22 11:55:20 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | d3915342-51cb-439f-971f-0e99e8c06a42 |
| 185.177.72.104 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | a819dea1-3520-4a00-bbaa-009fedf8a730 |
| 178.33.134.25 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | e7fe3951-d790-430e-a538-2fa107dae2b7 |
| 185.177.72.144 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | de8f488f-f16f-456a-b7ef-5f086ecc04cd |
| 185.177.72.12 | ip | 2025-07-22 11:55:20 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 3157e9a1-88ac-44c5-820e-55ccd37b0e55 |
| 185.177.72.11 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 48909e31-ef3f-47f6-b0b4-05b86b3e4b51 |
| 185.177.72.3 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | ae3c519b-bcd3-42f1-ba51-a8cff8febaec |
| 185.177.72.205 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 183196fe-6de4-4f79-9915-2f93037c71af |
| 185.177.72.204 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 02b942ef-dd4d-496c-ad6d-03ae44a16620 |
| 185.177.72.2 | ip | 2025-07-22 11:55:20 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | af6baa00-4c4e-4096-9e76-8ef5835187f0 |
| 157.180.49.118 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 044ec9bd-94d8-4943-80dd-8aa28edf3293 |
| 123.6.49.50 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | dbbb14af-bede-4777-9a18-b96a8f60bd33 |
| 103.207.148.148 | ip | 2025-07-22 11:35:16 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 0e5453ad-6df2-421e-83ed-a38940dfafa5 |
| 101.55.81.36 | ip | 2025-07-22 11:35:16 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | c2bf807c-5bd0-4d2d-8711-ead85d236054 |
| 185.177.72.104 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 461b62e0-acd8-4369-9340-8deb27e80897 |
| 178.33.134.25 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 428cb8ba-05f3-4dd7-be8e-1f599200ae38 |
| 185.177.72.144 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | dac165dc-b672-4fae-8be9-d71897cc24d6 |
| 185.177.72.12 | ip | 2025-07-22 11:35:16 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 06f2824c-51c5-4b92-8504-5f874983a5b8 |
| 185.177.72.11 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 7f871b41-7b10-46f8-b4b6-53f502479519 |
| 185.177.72.3 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | d6cbb165-70bd-43fa-a2c1-8d12224fa67e |
| 185.177.72.205 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 1f942079-233d-4bc2-a2a0-1b835454aafa |
| 185.177.72.204 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 9c83205a-109d-4401-90a2-46471deba5e2 |
| 185.177.72.2 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 7d62866e-35be-4462-9f2e-30d4f33b5fbf |
| 195.178.110.161 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 6b76fba9-e44b-40c4-9c2c-ef82116a07f5 |
| 194.50.16.252 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 13292d4b-0d0c-4bbe-af1b-1a1473a37ec4 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | 4e7475e7-d1b7-465b-b353-a268e65f4a0e |
| 20.171.207.158 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 8a89b69e-2ea7-44af-9d07-0e7ce0eba464 |
| 205.169.39.130 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 85199171-125c-4b2e-95d0-b7a49745b3ee |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 4c748645-fde2-4081-a255-4685020d06a5 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 0c667d80-e491-4704-82ee-28f4c3e68efa |
| 216.126.227.20 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | d06c7b0d-260c-49d7-89ea-4a8498ff9346 |
| 205.169.39.4 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 25077b73-ba63-428f-9fec-c3e6c6961aff |
| 3.92.177.104 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | a4f9cbde-58ec-4686-a817-4af28497157c |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 6b108750-d2dd-45b0-8b9c-be679db26341 |
| 51.38.105.105 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | d39be36a-0f6e-4f33-8aa8-728b876e8427 |
| 34.116.246.85 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 9b41706c-9d4b-48c6-9159-5cc8385128a9 |
| 34.116.172.61 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | dbb13fae-e7ba-4e03-a97a-96d8b2cf9c67 |
| 66.249.77.104 | ip | 2025-07-22 11:35:16 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | c8dc76a1-98f4-4cab-93eb-338fbce8695a |
| 66.249.68.133 | ip | 2025-07-22 11:35:16 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | 4ede3d8f-5ef3-4c2b-adfc-87e847c6a102 |
| AS211590 | asn | 2025-07-22 11:35:16 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 8631df85-b173-4ab4-966e-326f230bb1ad |
| AS16276 | asn | 2025-07-22 11:35:16 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 87df279d-89cd-49df-9dd4-33f9e2de150d |
| AS132203 | asn | 2025-07-22 11:35:16 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | 48e1936b-78b5-40dd-9f33-f70ff5721f21 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 11:35:16 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 6e28c488-ab63-4c15-9b28-94fafee34e6d |