| 2026-03-02 02:50 |
4.232.90.96 |
+3
|
Zephyrus |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-02 02:50 |
| crowdsecurity/http-generic-bf |
other |
1 |
2026-03-02 02:50 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-02 02:50 |
|
| 2026-03-02 02:12 |
66.132.153.117 |
crowdsecurity/http-bad-user-agent |
Argus |
Fleet |
| 2026-03-02 01:59 |
20.240.42.45 |
+8
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-02 01:59 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-02 01:59 |
| webshell-probe |
post-exploitation |
1 |
2026-03-02 01:59 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-02 01:59 |
| php-known-backdoor |
web-exploitation |
1 |
2026-03-02 01:59 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-02 01:59 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-02 01:59 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-02 01:59 |
|
| 2026-03-02 01:49 |
20.63.41.168 |
+8
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-02 01:49 |
| webshell-probe |
post-exploitation |
1 |
2026-03-02 01:49 |
| php-known-backdoor |
web-exploitation |
1 |
2026-03-02 01:49 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-02 01:49 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-02 01:49 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-02 01:49 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-02 01:49 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-02 01:49 |
|
| 2026-03-02 00:52 |
194.85.235.99 |
crowdsecurity/http-cve-2021-41773 |
Ares |
Fleet |
| 2026-03-02 00:46 |
20.215.209.82 |
+4
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-02 00:46 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-02 00:45 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-02 00:45 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-02 00:45 |
|
| 2026-03-02 00:39 |
47.253.5.130 |
+2
|
Ares |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| crowdsecurity/http-cve-2021-42013 |
cve-exploit |
1 |
2026-03-02 00:39 |
| crowdsecurity/http-cve-2021-41773 |
cve-exploit |
1 |
2026-03-02 00:39 |
|
| 2026-03-02 00:19 |
204.76.203.25 |
suspicious-probe |
Argus |
Fleet |
| 2026-03-01 23:41 |
46.105.42.96 |
crowdsecurity/http-bad-user-agent |
Iris |
Fleet |
| 2026-03-01 22:50 |
45.82.78.104 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-01 22:16 |
185.177.72.22 |
+7
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| mgmt-path-probe |
reconnaissance |
1 |
2026-03-01 22:16 |
| suspicious-probe |
reconnaissance |
1 |
2026-03-01 07:17 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-01 07:17 |
| crowdsecurity/http-sensitive-files |
other |
1 |
2026-03-01 07:17 |
| crowdsecurity/http-admin-interface-probing |
reconnaissance |
1 |
2026-03-01 07:17 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-01 07:17 |
| crowdsecurity/http-generic-bf |
other |
1 |
2026-02-27 10:47 |
|
| 2026-03-01 22:13 |
20.104.206.150 |
+4
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-01 22:13 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-01 22:13 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-03-01 22:13 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-01 22:13 |
|
| 2026-03-01 21:41 |
206.168.34.34 |
crowdsecurity/http-bad-user-agent |
Zephyrus |
Fleet |
| 2026-03-01 21:09 |
77.90.185.115 |
suspicious-probe |
Argus |
Fleet |
| 2026-03-01 20:50 |
206.81.24.74 |
+2
|
Zephyrus |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| crowdsecurity/jira_cve-2021-26086 |
cve-exploit |
1 |
2026-03-01 20:50 |
| suspicious-probe |
reconnaissance |
1 |
2026-03-01 20:50 |
|
| 2026-03-01 20:35 |
34.158.168.101 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-01 20:35 |
8.219.40.251 |
+2
|
Ares |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| crowdsecurity/http-cve-2021-42013 |
cve-exploit |
1 |
2026-03-01 20:35 |
| crowdsecurity/http-cve-2021-41773 |
cve-exploit |
1 |
2026-03-01 20:35 |
|
| 2026-03-01 19:05 |
101.36.104.242 |
crowdsecurity/http-cve-2021-41773 |
Ares |
Fleet |
| 2026-03-01 18:43 |
20.214.137.177 |
+9
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-01 18:43 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-01 18:43 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-01 18:43 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-01 18:43 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-01 18:43 |
| crowdsecurity/http-admin-interface-probing |
reconnaissance |
1 |
2026-03-01 18:42 |
| generic-backdoor-detection |
other |
1 |
2026-03-01 18:42 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-03-01 18:42 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-01 18:42 |
|
| 2026-03-01 17:45 |
137.184.207.222 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-01 17:36 |
77.90.185.116 |
suspicious-probe |
Triton |
Fleet |
| 2026-03-01 16:47 |
204.76.203.233 |
crowdsecurity/http-open-proxy |
Ares |
Fleet |
| 2026-03-01 16:14 |
130.12.180.52 |
crowdsecurity/http-open-proxy |
Ares |
Fleet |
| 2026-03-01 15:15 |
20.53.243.118 |
+8
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-01 15:15 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-01 15:15 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-01 15:15 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-01 15:15 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-01 15:15 |
| webshell-probe |
post-exploitation |
1 |
2026-03-01 15:15 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-01 15:15 |
| generic-backdoor-detection |
other |
1 |
2026-03-01 15:14 |
|
| 2026-03-01 14:59 |
46.105.38.210 |
crowdsecurity/http-bad-user-agent |
Triton |
Fleet |