Loading threats
FTP session where a client probes for valid users, attempts authentication, switches transfer modes (ASCII/Binary), enumerates the /scripts directory, and attempts to upload info.zip via STOR in passive mode. This sequence reflects an authenticated file placement attempt following directory discovery, consistent with efforts to deploy content onto a remotely accessible scripts path.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 213.145.146.50 | 98% | 991 | 118 | 🇰🇬 KG | AS12997 | 2026-03-02 |
| 185.203.236.250 | 97% | 287 | 56 | 🇺🇿 UZ | AS8193 | 2026-02-23 |
| 80.72.179.223 | 94% | 286 | 55 | 🇰🇬 KG | AS12997 | 2026-02-28 |
| 45.124.146.216 | 89% | 45 | 45 | 🇮🇳 IN | AS133255 | 2026-03-02 |
| 149.40.210.91 | 94% | 25 | 21 | 🇵🇰 PK | AS45669 | 2026-02-18 |
| 116.113.133.242 | 94% | 21 | 21 | 🇨🇳 CN | AS139007 | 2026-03-05 |
| 80.67.220.240 | 95% | 20 | 20 | 🇷🇺 RU | AS33871 | 2026-02-22 |
| 45.120.59.157 | 94% | 20 | 20 | 🇮🇳 IN | AS59191 | 2026-03-03 |
| 178.121.74.35 | 89% | 19 | 19 | 🇧🇾 BY | AS6697 | 2026-02-21 |
| 182.177.52.49 | 94% | 19 | 19 | 🇵🇰 PK | AS17557 | 2026-02-23 |
| 37.215.8.205 | 94% | 19 | 19 | 🇧🇾 BY | AS6697 | 2026-03-03 |
| 194.93.24.187 | 94% | 19 | 19 | 🇺🇿 UZ | AS8193 | 2026-02-18 |
| 94.158.59.4 | 94% | 19 | 19 | 🇺🇿 UZ | AS43060 | 2026-03-02 |
| 109.248.159.191 | 94% | 19 | 19 | 🇰🇿 KZ | AS8200 | 2026-02-25 |
| 212.97.2.183 | 94% | 18 | 18 | 🇰🇬 KG | AS12997 | 2026-03-03 |
| 195.82.14.1 | 94% | 18 | 18 | 🇰🇿 KZ | AS9198 | 2026-03-02 |
| 185.139.138.75 | 94% | 18 | 18 | 🇺🇿 UZ | AS201767 | 2026-02-19 |
| 150.129.236.141 | 89% | 18 | 18 | 🇮🇳 IN | AS132453 | 2026-02-26 |
| 217.29.24.170 | 94% | 18 | 18 | 🇰🇬 KG | AS29061 | 2026-03-03 |
| 39.60.120.62 | 94% | 18 | 18 | 🇵🇰 PK | AS17557 | 2026-02-25 |