Table: Security_events
Displaying rows 120451 - 120479 of 120479 (Page 2410 / 2410)
| Entity | Type | Event time | Action taken | AI reason | AI confidence score | AI details | Event ID |
|---|---|---|---|---|---|---|---|
| 20.171.207.158 | ip | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including unusual URL patterns and obfuscated paths, indicative of aggressive or malformed crawling. | 0.699999988079071 | severity: Severity.medium | c09b7ba1-4bf9-4510-b5e4-ae0919130f83 |
| 205.169.39.130 | ip | 2025-07-17 13:39:09 | block | Triggered an IP blocking rule due to burst activity, despite a lower percentage of detected threat requests. | 0.8999999761581421 | severity: Severity.critical | 5418a678-8c19-413a-be0f-3c7d1bd2c002 |
| 2001:bc8:1f90:4:7ec2:55ff:fe9e:8476 | ip | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including obfuscated path indicative of suspicious activity. | 0.699999988079071 | severity: Severity.medium | 0c27ab1b-f36a-4a69-af1a-91ee50f5d6e7 |
| 2001:bc8:1201:19:46a8:42ff:fe1b:ae29 | ip | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including obfuscated path indicative of suspicious activity. | 0.699999988079071 | severity: Severity.medium | 13e8df7f-ea40-4e10-8ca9-425e07cf9c2f |
| 216.126.227.20 | ip | 2025-07-17 13:39:09 | block | Targeted WordPress specific attack paths like wlwmanifest.xml and xmlrpc.php, coupled with browser impersonation and IP blocking rules. | 1.0 | severity: Severity.critical | b629474e-45ee-4a2b-9bc0-5c0fd65a4911 |
| 205.169.39.4 | ip | 2025-07-17 13:39:09 | block | High percentage of flagged requests and triggered an IP blocking rule due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 932659a6-ddc3-4a82-a8c2-877e7dfa2b0c |
| 3.92.177.104 | ip | 2025-07-17 13:39:09 | block | Actively targeting WordPress wlwmanifest.xml and xmlrpc.php, directly triggering a WAF IPBLOCK rule. | 1.0 | severity: Severity.critical | 2a9ec771-e447-403f-b78c-be5f84a83dac |
| 2604:a880:400:d1:0:1:4cea:4001 | ip | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including obfuscated paths, warranting further monitoring. | 0.699999988079071 | severity: Severity.medium | de0ca8ad-b2f8-48e4-a8ed-5fc500584837 |
| 51.38.105.105 | ip | 2025-07-17 13:39:09 | block | Extensive scanning for sensitive configuration files, credentials, and PHP info pages, with a high threat detection rate and browser impersonation. | 0.8999999761581421 | severity: Severity.critical | 8040400c-fd0f-4bcd-980f-010ff20ccefc |
| 34.116.246.85 | ip | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including obfuscated paths, indicating suspicious activity that requires further observation. | 0.699999988079071 | severity: Severity.medium | a6391e5a-1a85-442b-a992-98d3a783ba5f |
| 34.116.172.61 | ip | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including obfuscated paths, indicating suspicious activity that requires further observation. | 0.699999988079071 | severity: Severity.medium | f94a86d6-2e88-4b10-825c-ec17200e5cf7 |
| 66.249.77.104 | ip | 2025-07-17 13:39:09 | ignore | All requests appear legitimate for a web crawler (Googlebot IP range) accessing public assets, and no critical security rules were triggered, suggesting a false positive for an aggressive but benign bot. | 0.800000011920929 | severity: Severity.low | 971fd2d0-85a4-4960-8b2c-7e592438c544 |
| AS211590 | asn | 2025-07-17 13:39:09 | block | Aggregated traffic from this ASN demonstrates a 100% threat detection rate involving widespread probing for sensitive files, credentials, and actively attempting LFI attacks, triggering multiple critical IP blocking and reputation rules. | 1.0 | severity: Severity.critical | a0215146-e8e9-4573-af18-cdcdef939dca |
| AS16276 | asn | 2025-07-17 13:39:09 | block | Aggregated traffic from this ASN shows a very high threat detection rate with diverse malicious activities, including directory scanning and sensitive file probing, consistent with multiple compromised or malicious hosts. | 1.0 | severity: Severity.critical | e9bddc2f-b140-4901-846c-bc92b232a7a8 |
| AS132203 | asn | 2025-07-17 13:39:09 | block | High volume of 100% flagged requests targeting WordPress endpoints and including multiple obfuscated paths, indicating aggressive and suspicious automated activity. | 0.8999999761581421 | severity: Severity.critical | 77bec4db-81c8-4410-ac47-3e4fd3f75af0 |
| 3%7e7bcf51bfc0d0b65f | tls | 2025-07-17 13:39:09 | block | Extensive reconnaissance for sensitive application configurations and credentials, coupled with LFI attempts and multiple IP blocking rules, associated with this TLS fingerprint. | 1.0 | severity: Severity.critical | 3b72aa1c-df45-4d38-98a9-642a9c9b3227 |
| 3%7e2faa3a9db1c111de | tls | 2025-07-17 13:39:09 | block | High volume of 100% flagged requests targeting WordPress attack vectors, sensitive configurations, and including obfuscated paths, directly triggering WAF IPBLOCK rules. | 1.0 | severity: Severity.critical | 2a66ab16-7dd9-4170-bcc1-1ed835cc964a |
| 3%7ee35ec11fcbea7346 | tls | 2025-07-17 13:39:09 | block | Very high percentage of flagged requests, including obfuscated paths, directly triggering an IP blocking rule due to burst activity. | 0.8999999761581421 | severity: Severity.critical | 5d8519a5-2878-407d-b8d7-e793d02372d2 |
| 3%7ede293936a8dc4153 | tls | 2025-07-17 13:39:09 | watchlist | High volume of 100% flagged requests targeting WordPress endpoints and including obfuscated paths, indicating suspicious automated activity. | 0.800000011920929 | severity: Severity.medium | 47fab72d-edd2-46cd-b367-4a61ac071999 |
| 3%7ebaae1457ad64ff16 | tls | 2025-07-17 13:39:09 | watchlist | All requests flagged by WAF, including obfuscated paths and aggressive crawling, indicating suspicious automated activity. | 0.800000011920929 | severity: Severity.medium | a26019f3-78bd-45b7-8244-f9072dfb48e0 |
| UNKNOWN | tls | 2025-07-17 13:39:09 | block | Comprehensive and aggressive attack patterns including sensitive file probing, WordPress exploit attempts, web shell probing, LFI, and triggering multiple critical IP blocking and reputation rules. | 1.0 | severity: Severity.critical | 739e5850-4366-4735-b5dc-70f80c8179a5 |
| 157.180.49.118 | ip | 2025-07-17 13:39:08 | watchlist | High request volume flagged by WAF, consistent with aggressive crawling or reconnaissance. | 0.6000000238418579 | severity: Severity.low | 9c8f8381-d4d1-4c84-b53b-b0a1608afcc0 |
| 123.6.49.50 | ip | 2025-07-17 13:39:08 | watchlist | All requests flagged by WAF including highly obfuscated paths. | 0.800000011920929 | severity: Severity.medium | 8c3d5298-8358-4c5e-b4e3-a91984f89193 |
| 101.55.81.36 | ip | 2025-07-17 13:39:08 | block | High volume of requests targeting sensitive application files, configuration files, and known web shell paths, indicating an active reconnaissance and exploitation attempt. | 1.0 | severity: Severity.critical | 728dad3a-57a7-4af4-bda4-fec12340da8d |
| 185.177.72.104 | ip | 2025-07-17 13:39:08 | block | Aggressive scanning for .env files, phpinfo, and .git configurations, directly hit IP blocking reputation rules. | 1.0 | severity: Severity.critical | dc1362a0-fc15-43c5-aae6-d91a180d7249 |
| 178.33.134.25 | ip | 2025-07-17 13:39:08 | block | 100% of requests flagged, actively scanning for common website directories and old/backup sites, coupled with browser impersonation. | 0.8999999761581421 | severity: Severity.critical | ce239e37-e98b-412e-b819-b9dec0da6b69 |
| 185.177.72.12 | ip | 2025-07-17 13:39:08 | block | Extensive reconnaissance for sensitive application configurations and credentials, coupled with LFI attempts and multiple IP blocking rules. | 1.0 | severity: Severity.critical | 4e338288-cfa8-4dfc-a234-cda2076b4fd7 |
| 185.177.72.11 | ip | 2025-07-17 13:39:08 | block | Targeting highly sensitive credentials, environment files, and server info pages, directly hit IP reputation deny rules. | 1.0 | severity: Severity.critical | 8b991b73-3daa-431c-b034-45d3f0716e2c |
| 185.177.72.204 | ip | 2025-07-17 13:39:08 | block | Targeted scanning for configuration files and source code repositories, triggering IP reputation deny rules. | 1.0 | severity: Severity.critical | b70ab2b3-77a6-460f-90a9-2256d9015de7 |