| 2026-01-14 20:02 |
141.98.11.181 |
+3
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 20:02 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 20:02 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-14 20:02 |
|
| 2026-01-14 20:00 |
115.238.44.234 |
crowdsecurity/http-open-proxy |
Ares |
Fleet |
| 2026-01-14 19:54 |
202.107.226.2 |
crowdsecurity/http-open-proxy |
Ares |
Fleet |
| 2026-01-14 19:45 |
141.98.11.171 |
suspicious-probe |
Triton |
Fleet |
| 2026-01-14 19:12 |
64.227.70.157 |
protocol-mismatch |
Ares |
Fleet |
| 2026-01-14 18:50 |
4.197.236.122 |
+4
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 07:31 |
| webshell-probe |
post-exploitation |
1 |
2026-01-14 07:31 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 07:31 |
|
| 2026-01-14 18:50 |
52.178.176.146 |
+14
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 08:37 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-14 08:37 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 08:37 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 08:37 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-01-14 08:37 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 08:37 |
| crowdsecurity/http-admin-interface-probing |
reconnaissance |
1 |
2026-01-14 08:36 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-14 08:36 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-14 08:36 |
| crowdsecurity/http-backdoors-attempts |
other |
1 |
2026-01-14 08:36 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-01-14 08:36 |
| crowdsecurity/http-crawl-non_statics |
other |
1 |
2026-01-14 08:36 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-14 08:36 |
|
| 2026-01-14 18:50 |
4.241.184.25 |
+11
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 14:31 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 14:31 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 14:31 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-01-14 14:31 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 14:31 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-14 14:31 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-14 14:31 |
| crowdsecurity/http-backdoors-attempts |
other |
1 |
2026-01-14 08:44 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-01-14 08:44 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-01-14 08:44 |
|
| 2026-01-14 18:50 |
4.217.197.7 |
+10
|
Multiple (3) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 10:00 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 10:00 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-14 10:00 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-14 10:00 |
| crowdsecurity/http-admin-interface-probing |
reconnaissance |
1 |
2026-01-14 10:00 |
| generic-backdoor-filename |
other |
1 |
2026-01-12 23:13 |
| webshell-probe |
post-exploitation |
1 |
2026-01-12 23:13 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-01-12 23:13 |
| generic-php-backdoor |
web-exploitation |
1 |
2026-01-12 23:13 |
|
| 2026-01-14 18:50 |
4.194.90.21 |
+7
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 05:45 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-14 05:45 |
| webshell-probe |
post-exploitation |
1 |
2026-01-14 05:45 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 05:45 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-01-14 05:45 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-13 09:23 |
|
| 2026-01-14 18:50 |
74.225.193.147 |
+8
|
Multiple (3) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 09:24 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 09:24 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 09:24 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 09:24 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-14 09:24 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-14 09:24 |
| webshell-probe |
post-exploitation |
1 |
2026-01-13 18:49 |
|
| 2026-01-14 18:50 |
52.169.206.229 |
+15
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 18:50 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 11:51 |
| webshell-probe |
post-exploitation |
1 |
2026-01-14 11:51 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 11:51 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-14 11:51 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 11:51 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-14 11:51 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-01-14 11:51 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 11:51 |
| crowdsecurity/http-backdoors-attempts |
other |
1 |
2026-01-14 11:51 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-14 11:51 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-01-14 11:51 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-01-14 11:51 |
| php-suspicious-name |
web-exploitation |
1 |
2026-01-14 11:51 |
| php-any-suspicious |
web-exploitation |
1 |
2026-01-14 11:51 |
|
| 2026-01-14 18:36 |
199.45.154.150 |
crowdsecurity/http-bad-user-agent |
Triton |
Fleet |
| 2026-01-14 17:53 |
51.68.111.216 |
crowdsecurity/http-bad-user-agent |
Iris |
Fleet |
| 2026-01-14 17:43 |
94.26.106.103 |
+3
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 17:43 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 17:43 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 17:43 |
|
| 2026-01-14 17:23 |
213.209.159.181 |
+9
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 17:23 |
| mgmt-path-probe |
reconnaissance |
1 |
2026-01-14 04:12 |
| suspicious-probe |
reconnaissance |
1 |
2026-01-14 04:12 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 04:11 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 04:11 |
| webshell-probe |
post-exploitation |
1 |
2026-01-14 04:11 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-01-14 04:11 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-14 04:11 |
| crowdsecurity/http-crawl-non_statics |
other |
1 |
2026-01-14 04:11 |
|
| 2026-01-14 17:14 |
4.189.120.245 |
+14
|
Multiple (3) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| threat-engine |
other |
1 |
2026-01-14 17:14 |
| generic-backdoor-detection |
other |
1 |
2026-01-14 04:48 |
| php-known-backdoor |
web-exploitation |
1 |
2026-01-14 04:48 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-01-14 04:48 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-01-14 04:48 |
| webshell-probe |
post-exploitation |
1 |
2026-01-14 04:48 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-13 15:06 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-01-13 15:06 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-13 15:06 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-01-13 15:06 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-13 15:06 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-01-13 15:06 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-01-13 15:06 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-13 15:06 |
|
| 2026-01-14 17:02 |
1.2.3.9 |
threat-engine |
Argus |
Fleet |
| 2026-01-14 16:43 |
1.2.3.6 |
threat-engine |
Argus |
Fleet |
| 2026-01-14 14:47 |
47.81.9.210 |
crowdsecurity/http-cve-2021-41773 |
Ares |
Fleet |
| 2026-01-14 13:45 |
38.248.14.48 |
+2
|
Ares |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| crowdsecurity/http-cve-2021-42013 |
cve-exploit |
1 |
2026-01-14 13:45 |
| crowdsecurity/http-cve-2021-41773 |
cve-exploit |
1 |
2026-01-14 13:45 |
|
| 2026-01-14 13:28 |
199.45.155.99 |
crowdsecurity/http-bad-user-agent |
Argus |
Fleet |
| 2026-01-14 13:06 |
35.233.231.149 |
+3
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-01-14 13:06 |
| wordpress-probe |
web-exploitation |
1 |
2026-01-14 13:06 |
| crowdsecurity/http-probing |
other |
1 |
2026-01-14 13:06 |
|
| 2026-01-14 12:44 |
13.229.210.206 |
+2
|
Argus |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| suspicious-probe |
reconnaissance |
1 |
2026-01-14 12:44 |
| crowdsecurity/http-sensitive-files |
other |
1 |
2026-01-14 12:44 |
|
| 2026-01-14 10:57 |
66.132.153.128 |
crowdsecurity/http-bad-user-agent |
Iris |
Fleet |