Loading threats
FTP session where a client probes for valid users, attempts authentication, switches transfer modes (ASCII/Binary), enumerates the /scripts directory, and attempts to upload info.zip via STOR in passive mode. This sequence reflects an authenticated file placement attempt following directory discovery, consistent with efforts to deploy content onto a remotely accessible scripts path.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 213.145.146.50 | 100% | 1,030 | 157 | 🇰🇬 KG | AS12997 | 2026-03-12 |
| 58.181.99.122 | 93% | 338 | 338 | 🇵🇰 PK | AS45595 | 2026-04-14 |
| 185.203.236.250 | 97% | 287 | 56 | 🇺🇿 UZ | AS8193 | 2026-02-23 |
| 80.72.179.223 | 94% | 286 | 55 | 🇰🇬 KG | AS12997 | 2026-02-28 |
| 45.124.146.216 | 89% | 58 | 58 | 🇮🇳 IN | AS133255 | 2026-03-11 |
| 45.120.59.157 | 95% | 41 | 41 | 🇮🇳 IN | AS59191 | 2026-03-27 |
| 217.29.24.170 | 95% | 33 | 33 | 🇰🇬 KG | AS29061 | 2026-03-14 |
| 149.40.210.91 | 94% | 25 | 21 | 🇵🇰 PK | AS45669 | 2026-02-18 |
| 195.158.22.9 | 96% | 22 | 22 | 🇺🇿 UZ | AS8193 | 2026-04-14 |
| 223.123.32.43 | 91% | 22 | 22 | 🇵🇰 PK | AS138423 | 2026-04-01 |
| 84.54.72.176 | 94% | 21 | 21 | 🇺🇿 UZ | AS8193 | 2026-04-10 |
| 91.201.111.9 | 94% | 21 | 21 | 🇺🇦 UA | AS29031 | 2026-03-26 |
| 39.32.130.40 | 94% | 21 | 21 | 🇵🇰 PK | AS17557 | 2026-04-07 |
| 77.95.57.164 | 94% | 21 | 21 | 🇰🇬 KG | AS42837 | 2026-03-25 |
| 144.124.199.206 | 94% | 21 | 21 | 🇺🇿 UZ | AS8193 | 2026-04-10 |
| 185.213.230.21 | 94% | 21 | 21 | 🇺🇿 UZ | AS64466 | 2026-03-26 |
| 39.32.174.249 | 94% | 21 | 21 | 🇵🇰 PK | AS17557 | 2026-03-26 |
| 87.192.226.226 | 94% | 21 | 21 | 🇺🇿 UZ | AS8193 | 2026-04-02 |
| 103.110.102.20 | 94% | 21 | 21 | 🇮🇳 IN | AS133001 | 2026-03-22 |
| 198.163.205.76 | 94% | 21 | 21 | 🇺🇿 UZ | AS8193 | 2026-04-14 |