|
2001:4878:8216:510:dddd:b98a:3a76:296c
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; accessed obfuscated path linked to prior critical activity.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.171.207.158
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
205.169.39.130
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; triggered IP blocking due to burst activity.
|
0.8999999761581421
|
severity: Severity.critical
|
|
2001:bc8:1f90:4:7ec2:55ff:fe9e:8476
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2001:bc8:1201:19:46a8:42ff:fe1b:ae29
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious activity; all requests flagged by WAF.
|
0.8500000238418579
|
severity: Severity.medium
|
|
216.126.227.20
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation.
|
1.0
|
severity: Severity.critical
|
|
205.169.39.4
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; high flagged requests, triggered IP blocking by burst.
|
0.8999999761581421
|
severity: Severity.critical
|
|
3.92.177.104
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK.
|
1.0
|
severity: Severity.critical
|
|
2604:a880:400:d1:0:1:4cea:4001
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
51.38.105.105
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation.
|
0.8999999761581421
|
severity: Severity.critical
|
|
34.116.246.85
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
34.116.172.61
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
66.249.77.104
|
ip
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; all requests flagged by WAF and security alerts.
|
0.949999988079071
|
severity: Severity.critical
|
|
66.249.68.133
|
ip
|
2025-07-21 06:12:14
|
block
|
Persistent medium malicious scanning; all requests flagged by WAF (100% threat detection).
|
0.8999999761581421
|
severity: Severity.medium
|
|
AS211590
|
asn
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; 100% threat detection targeting sensitive files/creds/LFI.
|
1.0
|
severity: Severity.critical
|
|
AS16276
|
asn
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; aggregated traffic with high threat detection, diverse malicious activities.
|
1.0
|
severity: Severity.critical
|
|
AS132203
|
asn
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; high volume 100% flagged requests targeting WordPress; obfuscated paths.
|
0.8999999761581421
|
severity: Severity.critical
|
|
3%7ea97fdb0b70d4a7b7
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; 100% flagged; aggressive scanning for sensitive files/creds/phpinfo; browser impersonation.
|
0.9800000190734863
|
severity: Severity.critical
|
|
3%7e7bcf51bfc0d0b65f
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; extensive reconnaissance for sensitive app configs/creds; LFI attempts.
|
1.0
|
severity: Severity.critical
|
|
3%7e2faa3a9db1c111de
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; high volume 100% flagged requests targeting WordPress/sensitive configs/obfuscated paths.
|
1.0
|
severity: Severity.critical
|
|
3%7ede29393936a8dc4153
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ede293936a8dc4153
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; all requests flagged by WAF; targeting WordPress endpoints; obfuscated paths; browser impersonation.
|
0.949999988079071
|
severity: Severity.critical
|
|
3%7ebaae1457ad64ff16
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; all requests flagged by WAF; obfuscated paths; reconnaissance.
|
0.8999999761581421
|
severity: Severity.critical
|
|
UNKNOWN
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; comprehensive/aggressive attacks: sensitive file probing, WordPress exploits, web shell probing, LFI.
|
1.0
|
severity: Severity.critical
|
|
3%7ee35ec11fcbea7346
|
tls
|
2025-07-21 06:12:14
|
block
|
Critical malicious activity; very high flagged requests, obfuscated paths; triggered IP blocking by burst.
|
0.8999999761581421
|
severity: Severity.critical
|
|
157.180.49.118
|
ip
|
2025-07-21 05:27:10
|
block
|
Persistent medium malicious probing; all requests flagged by WAF.
|
0.8500000238418579
|
severity: Severity.medium
|
|
123.6.49.50
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; all requests flagged by WAF with multiple rule hits.
|
0.8999999761581421
|
severity: Severity.critical
|
|
103.207.148.148
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious probing for sensitive config/env files; browser impersonation detected.
|
0.949999988079071
|
severity: Severity.critical
|
|
101.55.81.36
|
ip
|
2025-07-21 05:27:10
|
block
|
Persistent critical activity targeting sensitive files and web shell paths, indicating exploitation.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.104
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; aggressive scanning for .env, phpinfo, .git files.
|
1.0
|
severity: Severity.critical
|
|
178.33.134.25
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; scanning common directories with browser impersonation.
|
0.8999999761581421
|
severity: Severity.critical
|
|
185.177.72.144
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; widespread probing for sensitive files/LFI; AS211590 related.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.12
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious reconnaissance for sensitive app configs/creds; LFI attempts.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.11
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; targeting sensitive credentials, env files, server info.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.3
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; targeting sensitive creds/config files; LFI anomalies; AS211590 related.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.205
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; attempting cloud creds, env files, config access; LFI.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.204
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; scanning for config files and source code repos.
|
1.0
|
severity: Severity.critical
|
|
185.177.72.2
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; targeting sensitive config files; browser impersonation; AS211590 related.
|
1.0
|
severity: Severity.critical
|
|
195.178.110.161
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; scanning for sensitive JS config, JSON creds, env vars; browser impersonation.
|
0.8999999761581421
|
severity: Severity.critical
|
|
194.50.16.252
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; targeting Spring Boot Actuator with command injection attempts.
|
1.0
|
severity: Severity.critical
|
|
2001:4878:8216:510:dddd:b98a:3a76:296c
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; accessed obfuscated path linked to prior critical activity.
|
0.949999988079071
|
severity: Severity.critical
|
|
20.171.207.158
|
ip
|
2025-07-21 05:27:10
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
205.169.39.130
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; triggered IP blocking due to burst activity.
|
0.8999999761581421
|
severity: Severity.critical
|
|
2001:bc8:1f90:4:7ec2:55ff:fe9e:8476
|
ip
|
2025-07-21 05:27:10
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
2001:bc8:1201:19:46a8:42ff:fe1b:ae29
|
ip
|
2025-07-21 05:27:10
|
block
|
Persistent medium malicious activity; all requests flagged by WAF.
|
0.8500000238418579
|
severity: Severity.medium
|
|
216.126.227.20
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; targeted WordPress paths (wlwmanifest.xml, xmlrpc.php); browser impersonation.
|
1.0
|
severity: Severity.critical
|
|
205.169.39.4
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; high flagged requests, triggered IP blocking by burst.
|
0.8999999761581421
|
severity: Severity.critical
|
|
3.92.177.104
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; targeting WordPress wlwmanifest.xml and xmlrpc.php; WAF IPBLOCK.
|
1.0
|
severity: Severity.critical
|
|
2604:a880:400:d1:0:1:4cea:4001
|
ip
|
2025-07-21 05:27:10
|
block
|
Persistent medium malicious activity; all requests flagged by WAF; obfuscated paths.
|
0.8500000238418579
|
severity: Severity.medium
|
|
51.38.105.105
|
ip
|
2025-07-21 05:27:10
|
block
|
Critical malicious activity; extensive scanning for sensitive files/PHP info; browser impersonation.
|
0.8999999761581421
|
severity: Severity.critical
|