| 2026-03-07 23:46 |
20.89.58.13 |
+13
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 23:46 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 23:46 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-07 23:46 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-07 23:46 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 23:46 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-07 23:46 |
| generic-backdoor-detection |
other |
1 |
2026-03-07 23:46 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-07 23:46 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-03-07 23:46 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-07 23:46 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-07 09:51 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-07 09:51 |
| php-known-backdoor |
web-exploitation |
1 |
2026-03-07 09:50 |
|
| 2026-03-07 23:32 |
167.172.116.219 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-07 23:01 |
20.92.234.66 |
+9
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 23:01 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 23:01 |
| php-known-backdoor |
web-exploitation |
1 |
2026-03-07 23:01 |
| generic-backdoor-detection |
other |
1 |
2026-03-07 23:01 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-07 23:01 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-04 10:32 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-04 10:32 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-03-04 10:32 |
| crowdsecurity/http-admin-interface-probing |
reconnaissance |
1 |
2026-03-04 10:32 |
|
| 2026-03-07 23:00 |
45.142.154.100 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-07 22:19 |
146.190.63.248 |
+2
|
Argus |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| crowdsecurity/jira_cve-2021-26086 |
cve-exploit |
1 |
2026-03-07 22:19 |
| suspicious-probe |
reconnaissance |
1 |
2026-03-07 22:19 |
|
| 2026-03-07 22:19 |
139.59.143.102 |
+4
|
Argus |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| crowdsecurity/jira_cve-2021-26086 |
cve-exploit |
1 |
2026-03-07 22:19 |
| mgmt-path-probe |
reconnaissance |
1 |
2026-03-07 22:19 |
| suspicious-probe |
reconnaissance |
1 |
2026-03-07 22:19 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-07 22:19 |
|
| 2026-03-07 22:19 |
96.41.38.202 |
+2
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| mgmt-path-probe |
reconnaissance |
1 |
2026-03-07 22:19 |
| suspicious-probe |
reconnaissance |
1 |
2026-03-07 22:19 |
|
| 2026-03-07 21:23 |
199.45.154.137 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-07 20:53 |
74.243.251.125 |
+8
|
Multiple (2) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 20:53 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 20:53 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 20:53 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-06 13:31 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-06 13:31 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-06 13:31 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-06 13:30 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-06 13:30 |
|
| 2026-03-07 20:29 |
93.123.109.62 |
crowdsecurity/http-open-proxy |
Ares |
Fleet |
| 2026-03-07 19:17 |
51.68.107.138 |
crowdsecurity/http-bad-user-agent |
Triton |
Fleet |
| 2026-03-07 18:33 |
169.150.203.195 |
+3
|
Iris |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 18:33 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-07 18:33 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-07 18:33 |
|
| 2026-03-07 18:17 |
20.100.177.179 |
+3
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 18:17 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 18:17 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 18:17 |
|
| 2026-03-07 16:59 |
114.232.36.39 |
crowdsecurity/http-cve-2021-41773 |
Ares |
Fleet |
| 2026-03-07 16:51 |
4.204.200.32 |
+18
|
Multiple (3) |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 16:51 |
| php-known-backdoor |
web-exploitation |
1 |
2026-03-07 16:51 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-07 16:51 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-07 16:51 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 16:51 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-07 16:51 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-07 16:51 |
| crowdsecurity/http-admin-interface-probing |
reconnaissance |
1 |
2026-03-07 16:51 |
| crowdsecurity/http-probing |
other |
1 |
2026-03-07 16:51 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-07 16:51 |
| crowdsecurity/http-wordpress-scan |
web-exploitation |
1 |
2026-03-07 16:51 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 05:57 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-07 05:57 |
| generic-backdoor-detection |
other |
1 |
2026-03-07 05:57 |
| php-suspicious-name |
web-exploitation |
1 |
2026-03-07 05:57 |
| php-any-suspicious |
web-exploitation |
1 |
2026-03-07 05:57 |
| crowdsecurity/http-crawl-non_statics |
other |
1 |
2026-03-07 05:57 |
| mgmt-path-probe |
reconnaissance |
1 |
2026-03-06 12:25 |
|
| 2026-03-07 16:46 |
51.68.107.154 |
crowdsecurity/http-bad-user-agent |
Iris |
Fleet |
| 2026-03-07 16:29 |
204.76.203.25 |
suspicious-probe |
Argus |
Fleet |
| 2026-03-07 16:07 |
20.205.120.43 |
+10
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 16:07 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-07 16:07 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 16:07 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 16:07 |
| php-known-backdoor |
web-exploitation |
1 |
2026-03-07 16:07 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-07 16:07 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-07 16:07 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-07 16:07 |
| wp-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-07 16:07 |
| php-obscure-path-backdoor |
web-exploitation |
1 |
2026-03-07 16:07 |
|
| 2026-03-07 15:31 |
185.93.89.110 |
suspicious-probe |
Zephyrus |
Fleet |
| 2026-03-07 15:31 |
20.214.142.73 |
+8
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 15:31 |
| wordpress-probe |
web-exploitation |
1 |
2026-03-07 15:31 |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 15:31 |
| wp-obscure-nested-php |
web-exploitation |
1 |
2026-03-07 15:31 |
| webshell-probe |
post-exploitation |
1 |
2026-03-07 15:31 |
| php-backdoor-generic |
web-exploitation |
1 |
2026-03-07 15:31 |
| generic-backdoor-detection |
other |
1 |
2026-03-07 15:31 |
| wp-nested-backdoor |
web-exploitation |
1 |
2026-03-07 15:31 |
|
| 2026-03-07 15:13 |
176.65.148.74 |
crowdsecurity/http-open-proxy |
Ares |
Fleet |
| 2026-03-07 15:10 |
158.94.211.102 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-07 14:48 |
2602:80d:1006::6e |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-07 14:26 |
205.210.31.197 |
protocol-mismatch |
Ares |
Fleet |
| 2026-03-07 13:23 |
167.172.76.200 |
+2
|
Triton |
Fleet |
| Scenario |
Category |
Hits |
Last Seen |
| webshell-high-confidence |
post-exploitation |
1 |
2026-03-07 13:23 |
| wp-sensitive-paths |
web-exploitation |
1 |
2026-03-07 13:23 |
|