Table: Security_events
Displaying rows 97801 - 97850 of 120479 (Page 1957 / 2410)
| Entity | Type | Event time | Action taken | Ai reason | Ai confidence score | Ai details | Event id |
|---|---|---|---|---|---|---|---|
| 103.207.148.148 | ip | 2025-07-22 11:05:14 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | b5ae5db6-d3de-40f1-90b1-82619b7dfddf |
| 101.55.81.36 | ip | 2025-07-22 11:05:14 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | 3e2ffc8d-cede-4635-9bea-2f1d297eb3c9 |
| 185.177.72.104 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 5eb400aa-409e-45dd-9f64-8de6d447f9e0 |
| 178.33.134.25 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 5ba7bdea-40fc-4d1b-87cc-8665f83db96d |
| 185.177.72.144 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 4d6dd4e3-9b9d-4fcf-915b-128b265ce164 |
| 185.177.72.12 | ip | 2025-07-22 11:05:14 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 3a8bfc33-6103-4e37-bd0a-282128322080 |
| 185.177.72.11 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 70e2fec6-f993-489d-bf2d-65a885b9af88 |
| 185.177.72.3 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | a350ec32-9d0a-4df3-9e3f-cc045f9fb40b |
| 185.177.72.205 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | 12db63bf-3b97-4ba9-b354-e28e87e48a55 |
| 185.177.72.204 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 360e91ce-e5bf-40cc-9c3f-69555abe0804 |
| 185.177.72.2 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 4163e049-45d9-4b2d-b3a1-a2c175e523a3 |
| 195.178.110.161 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | bc71dcc9-ddd4-4dae-8f9f-2d0462f32c46 |
| 194.50.16.252 | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | a360b25b-71fb-40ac-b223-9e3832f9cc96 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 11:05:14 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | d0543a6f-c015-4248-954e-bda6765ca051 |
| 20.171.207.158 | ip | 2025-07-22 11:05:14 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | d0792896-b2de-4387-8de4-1488beb75feb |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 11:05:14 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 3b5a9ae5-97c0-46c1-b6e4-a8efd1649556 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 11:05:14 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 4f3f7528-0034-4fd2-8a24-bd30a0115dd6 |
| 157.180.49.118 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious probing; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | e6883ac7-f879-410d-8d1f-820d205a7f7a |
| 123.6.49.50 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; all requests flagged by WAF with multiple rule hits. | 0.8999999761581421 | severity: Severity.critical | 69410fac-9a28-4ff0-ac3f-f7ade41a1854 |
| 103.207.148.148 | ip | 2025-07-22 10:50:24 | block | Critical malicious probing for sensitive config/env files; browser impersonation detected. | 0.949999988079071 | severity: Severity.critical | 7e73da2c-26ba-4629-a96e-9d66d517f3bf |
| 101.55.81.36 | ip | 2025-07-22 10:50:24 | block | Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation. | 1.0 | severity: Severity.critical | f2292d4a-84fa-4d22-80d8-b8744ba17dfe |
| 185.177.72.104 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; aggressive scanning for .env, phpinfo, .git files. | 1.0 | severity: Severity.critical | 89df2eb8-668f-4517-b73d-321355409ced |
| 178.33.134.25 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; scanning common directories with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 2e191d03-eb4a-48c9-b744-26ff33cdcb86 |
| 185.177.72.144 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related. | 1.0 | severity: Severity.critical | 6164b857-2afb-49dd-8022-68756a234a51 |
| 185.177.72.12 | ip | 2025-07-22 10:50:24 | block | Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 3c16b545-1629-47d2-9c92-3edf10491ac4 |
| 185.177.72.11 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; targeting sensitive credentials, env files, server info. | 1.0 | severity: Severity.critical | 78ed8cc4-8a89-4094-9f59-0f4378992f48 |
| 185.177.72.3 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related. | 1.0 | severity: Severity.critical | 24a41280-8228-4cb1-a0e3-55922485fd2f |
| 185.177.72.205 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; attempting cloud creds, env files, config access; LFI. | 1.0 | severity: Severity.critical | b516920f-a2e7-4ae4-9c08-779e5261fdf1 |
| 185.177.72.204 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; scanning for config files and source code repos. | 1.0 | severity: Severity.critical | 78870664-3471-492d-8c21-c59908c86ff5 |
| 185.177.72.2 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related. | 1.0 | severity: Severity.critical | 5d553386-bbc0-400b-8e98-18ebd1c12f08 |
| 195.178.110.161 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | ca4899bf-6009-43b0-b3e1-16f79607b13c |
| 194.50.16.252 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; targeting Spring Boot Actuator with command injection attempts. | 1.0 | severity: Severity.critical | 0938c191-8623-4627-8e25-bba5c4d37699 |
| 2001:4878:8216:510:dddd:b98a:3a76:296c | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; accessed obfuscated path linked to prior critical activity. | 0.949999988079071 | severity: Severity.critical | e7481a94-6c6e-4b1c-b1fc-02f0b031352a |
| 20.171.207.158 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 0330f61b-1a65-4d1b-b8ad-d7ceccf7ec71 |
| 205.169.39.130 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; triggered IP blocking due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 1cc643c2-79f8-422c-ae2b-e73b8621c1e0 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | d943c44f-1763-42e7-bde3-147d46644f6d |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious activity; all requests flagged by WAF. | 0.8500000238418579 | severity: Severity.medium | 164fbdf3-2255-405d-8491-8ecb55994ef7 |
| 216.126.227.20 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation. | 1.0 | severity: Severity.critical | 483cf8eb-5371-4bd2-8be0-a12374840ce9 |
| 205.169.39.4 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; high flagged requests, triggered IP blocking by burst. | 0.8999999761581421 | severity: Severity.critical | 61f614bf-4213-473f-88f9-e3c3cddc5497 |
| 3.92.177.104 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK. | 1.0 | severity: Severity.critical | 30d3271d-7dca-4910-89e6-ee037ffb33a6 |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | c5b3b4e0-2a48-4294-9445-6dfc64d3b4a1 |
| 51.38.105.105 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 5e3a166c-9cfc-4fc2-8fb1-37ffd24c0c5f |
| 34.116.246.85 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | e7b40a46-d3f7-41e5-991a-534e501edb2d |
| 34.116.172.61 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths. | 0.8500000238418579 | severity: Severity.medium | 7726ea7f-3f21-42a7-b308-8b947fea41d2 |
| 66.249.77.104 | ip | 2025-07-22 10:50:24 | block | Critical malicious activity; all requests flagged by WAF and security alerts. | 0.949999988079071 | severity: Severity.critical | 65c03a90-06f0-4fba-8e46-1675d0c91903 |
| 66.249.68.133 | ip | 2025-07-22 10:50:24 | block | Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection). | 0.8999999761581421 | severity: Severity.medium | ad592ee1-cf59-4c7c-876d-f935097994ee |
| AS211590 | asn | 2025-07-22 10:50:24 | block | Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI. | 1.0 | severity: Severity.critical | 3a944bf9-9b3d-4ea5-b7fe-b39098a35f83 |
| AS16276 | asn | 2025-07-22 10:50:24 | block | Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities. | 1.0 | severity: Severity.critical | 3d0e1cdb-d482-47f0-97fe-ae0e3087b9df |
| AS132203 | asn | 2025-07-22 10:50:24 | block | Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths. | 0.8999999761581421 | severity: Severity.critical | baea8983-5cd9-47f4-b3a4-6b12a783579d |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-22 10:50:24 | block | Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts. | 1.0 | severity: Severity.critical | 3706d869-75a5-42e3-9f5d-d42226e8de49 |