Table: Security_events
| Entity | Type | Event time | Action taken | AI reason | AI confidence score | AI details | Event ID |
|---|---|---|---|---|---|---|---|
| 101.55.81.36 | ip | 2025-07-22 11:25:20 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 2672f890-763e-49d7-b0d7-fc12ea9b067c |
| 185.177.72.104 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | f324f89e-daf5-40ea-85fd-39b071ffa2f6 |
| 178.33.134.25 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 6d2b0cfb-8afc-43f3-ad03-b3739a1e559a |
| 185.177.72.144 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 87ce40a7-f1c9-4753-a3e1-7e76421a332a |
| 185.177.72.12 | ip | 2025-07-22 11:25:20 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 23df9fee-6e9b-45e7-823e-1d237fc9110e |
| 185.177.72.11 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | fd682628-cabb-4223-bc4f-d4535e51e22a |
| 185.177.72.3 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 52c57ad2-6d7d-4527-8add-149dde76ba70 |
| 185.177.72.205 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | e6bdbbe6-9bb3-4d66-992f-7f0d0e2ae6d3 |
| 185.177.72.204 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | e3dde7a0-b6b9-41f9-90a9-d9f0e8290f0e |
| 185.177.72.2 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 6e0d3eff-e570-4285-9b1c-f7722a9eb2ac |
| 195.178.110.161 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | d522e091-b176-4050-87f7-6125113ce8c0 |
| 194.50.16.252 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | dba12100-9aac-4985-a83f-853bdab4c7ec |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | b2f02599-4ab7-47d3-86f7-d09db38d1772 |
| 20.171.207.158 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 26448e5f-99e6-4ad0-83e6-b824069ac4da |
| 205.169.39.130 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 7cf9e75a-6b4b-43ef-bbd9-3ccd6d8b437f |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 9e55ecb6-9050-4e6c-b1eb-3068b5a30e77 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 128a8a54-2a06-4d72-8e19-3c57d9528a44 |
| 216.126.227.20 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 79a43fe4-df7b-4172-8e78-21b5f6527012 |
| 205.169.39.4 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 8a53e587-3a6c-4b59-9d1c-af6eb34681df |
| 3.92.177.104 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | b06c01dc-c86e-4564-ba2d-c375bada23fa |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 891448f8-35bf-48b6-a80e-72910f55aef7 |
| 51.38.105.105 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 37dc818e-dcb7-481a-a097-8ff958616b3f |
| 34.116.246.85 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 556353b6-1a7b-48a9-b702-b9edd9c83b37 |
| 34.116.172.61 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 85719be9-0f04-4af1-beb9-bbfb21959c40 |
| 66.249.77.104 | ip | 2025-07-22 11:25:20 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | d86f7d08-610d-426c-8fa8-994099f2a6b6 |
| 66.249.68.133 | ip | 2025-07-22 11:25:20 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | aaf7db0e-05ef-410d-b4a7-c69684682efd |
| AS211590 | asn | 2025-07-22 11:25:20 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | a38ce9f2-a05f-47cb-9fbe-c5ca1bdf7788 |
| AS16276 | asn | 2025-07-22 11:25:20 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 4caf025f-f85a-43c1-acef-b6a3cd5fe625 |
| AS132203 | asn | 2025-07-22 11:25:20 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | a87e5b9d-d7b2-4bce-a61f-274a4a4e1c71 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | f74de546-f88f-4913-841e-e4d13250a501 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths. | 1.0 | severity: Severity.critical | 6c7c9620-6132-40df-895e-f469cdc4fda3 |
| 3%7ede29393936a8dc4153 | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | c1b9ccde-eb4f-49cd-9730-77f9bf12b55a |
| 3%7ede293936a8dc4153 | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation. | 0.949999988079071 | severity: Severity.critical | ce9bd555-3a68-418e-b5db-bfba88fd16bd |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance. | 0.8999999761581421 | severity: Severity.critical | aee591ea-2421-4b11-9308-d5492bd4a3dd |
| 3%7ea97fdb0b70d4a7b7 | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation. | 0.9800000190734863 | severity: Severity.critical | e5fb4299-9895-412c-a471-47a41cc2234c |
| UNKNOWN | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI. | 1.0 | severity: Severity.critical | ab7985f2-03c2-48a5-8bbc-2f26567eafcf |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-22 11:25:20 | block | Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 8edffa19-a220-451d-89d2-f527eb3985bf |
| 157.180.49.118 | ip | 2025-07-22 11:10:14 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | a1b6a992-5b48-4125-a00b-e515995366da |
| 123.6.49.50 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | aacaf7bc-ba14-4f99-910e-8f0b20e46915 |
| 103.207.148.148 | ip | 2025-07-22 11:10:14 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 101f7a1a-5ad2-4574-a2ac-77fcdfbf08a5 |
| 101.55.81.36 | ip | 2025-07-22 11:10:14 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 4f85ef3c-0202-4d43-9d6b-f11e6b33a916 |
| 185.177.72.104 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 8e295a7d-6dfe-4d61-a0ca-5d52482bca64 |
| 178.33.134.25 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 529a71c9-f226-4dff-84e3-9525638a6b32 |
| 185.177.72.144 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 1673f57c-1db5-4da1-abda-120b577ab9a9 |
| 185.177.72.12 | ip | 2025-07-22 11:10:14 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | fd7d5934-801d-435b-ae8b-d1ea9b39265c |
| 185.177.72.11 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 3a8b5a6a-343f-46d6-9d3e-8dbed9f6daa0 |
| 185.177.72.3 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 2490b084-4437-468b-a6bd-7cd44efc004b |
| 185.177.72.205 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 2e444c91-ddb8-461c-bd61-72611fafd4f8 |
| 185.177.72.204 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 5d929e90-e318-460f-9188-4460bb002bea |
| 185.177.72.2 | ip | 2025-07-22 11:10:14 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 5a343f0e-ee6f-446d-85d9-30b46c669566 |