Loading threats
FTP session where a client probes for valid usernames, attempts authentication, enters passive mode, negotiates transfer modes (ASCII/Binary), enumerates the /pub/vendor directory, and attempts to upload info.zip. This sequence reflects authenticated directory reconnaissance followed by file placement into a publicly accessible path, consistent with staged content deployment.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 213.145.146.50 | 100% | 1,030 | 157 | 🇰🇬 KG | AS12997 | 2026-03-12 |
| 58.181.99.122 | 93% | 342 | 342 | 🇵🇰 PK | AS45595 | 2026-04-17 |
| 185.203.236.250 | 97% | 287 | 56 | 🇺🇿 UZ | AS8193 | 2026-02-23 |
| 80.72.179.223 | 94% | 286 | 55 | 🇰🇬 KG | AS12997 | 2026-02-28 |
| 31.192.250.1 | 78% | 252 | 22 | 🇰🇬 KG | AS8449 | 2026-03-12 |
| 45.120.59.157 | 95% | 41 | 41 | 🇮🇳 IN | AS59191 | 2026-03-27 |
| 217.29.24.170 | 95% | 33 | 33 | 🇰🇬 KG | AS29061 | 2026-03-14 |
| 149.40.210.91 | 94% | 25 | 21 | 🇵🇰 PK | AS45669 | 2026-02-18 |
| 84.54.70.61 | 90% | 23 | 17 | 🇺🇿 UZ | AS8193 | 2026-02-18 |
| 195.158.22.9 | 96% | 22 | 22 | 🇺🇿 UZ | AS8193 | 2026-04-14 |
| 223.123.32.43 | 91% | 22 | 22 | 🇵🇰 PK | AS138423 | 2026-04-01 |
| 198.163.205.76 | 94% | 21 | 21 | 🇺🇿 UZ | AS8193 | 2026-04-14 |
| 178.122.65.24 | 94% | 21 | 21 | 🇧🇾 BY | AS6697 | 2026-03-28 |
| 84.54.72.176 | 94% | 21 | 21 | 🇺🇿 UZ | AS8193 | 2026-04-10 |
| 49.156.87.181 | 94% | 21 | 21 | 🇮🇳 IN | AS17917 | 2026-04-16 |
| 77.95.57.164 | 94% | 21 | 21 | 🇰🇬 KG | AS42837 | 2026-03-25 |
| 182.184.192.160 | 94% | 21 | 21 | 🇵🇰 PK | AS17557 | 2026-03-27 |
| 116.113.133.242 | 94% | 21 | 21 | 🇨🇳 CN | AS139007 | 2026-03-05 |
| 39.32.130.40 | 94% | 21 | 21 | 🇵🇰 PK | AS17557 | 2026-04-07 |
| 185.213.230.21 | 94% | 21 | 21 | 🇺🇿 UZ | AS64466 | 2026-03-26 |