Loading threats
Represents a complete, tightly scoped PostgreSQL exploitation chain where a client initiates a transaction, fingerprints the server version, prepares a temporary table, executes an external system command via COPY FROM PROGRAM, retrieves the command output, and immediately cleans up by dropping the table. This sequence is highly characteristic of automated post-authentication exploitation tooling that abuses PostgreSQL’s trusted language and program execution features for one-shot remote command execution, output capture, and minimal on-disk footprint. The rapid execution and cleanup indicate intent to execute payloads rather than interact with the database as a datastore.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 154.16.112.232 | 100% | 354,752 | 86,375 | 🇺🇸 US | AS14670 | 2026-04-16 |
| 208.97.53.150 | 100% | 27,926 | 4,227 | 🇺🇸 US | AS30247 | 2026-02-24 |
| 66.179.9.227 | 100% | 4,327 | 4,283 | 🇨🇦 CA | AS1100 | 2026-04-17 |
| 192.42.116.214 | 99% | 1,714 | 192 | 🇳🇱 NL | AS215125 | 2026-02-24 |
| 192.42.116.213 | 98% | 1,631 | 188 | 🇳🇱 NL | AS215125 | 2026-02-20 |
| 192.42.116.210 |
| 99% |
| 1,518 |
| 177 |
| 🇳🇱 NL |
| AS215125 |
| 2026-02-19 |
| 192.42.116.208 | 99% | 1,327 | 155 | 🇳🇱 NL | AS215125 | 2026-02-22 |
| 192.42.116.211 | 99% | 1,284 | 152 | 🇳🇱 NL | AS215125 | 2026-02-23 |
| 192.42.116.178 | 99% | 1,242 | 136 | 🇳🇱 NL | AS215125 | 2026-02-18 |
| 192.42.116.179 | 98% | 1,206 | 142 | 🇳🇱 NL | AS215125 | 2026-02-24 |
| 192.42.116.216 | 99% | 1,191 | 147 | 🇳🇱 NL | AS215125 | 2026-02-22 |
| 192.42.116.212 | 98% | 1,185 | 127 | 🇳🇱 NL | AS215125 | 2026-02-22 |
| 192.42.116.209 | 98% | 1,165 | 135 | 🇳🇱 NL | AS215125 | 2026-02-20 |
| 192.42.116.217 | 96% | 1,118 | 124 | 🇳🇱 NL | AS215125 | 2026-02-20 |
| 192.42.116.218 | 97% | 1,066 | 117 | 🇳🇱 NL | AS215125 | 2026-02-18 |
| 45.84.107.128 | 98% | 1,004 | 210 | 🇸🇪 SE | AS214503 | 2026-04-17 |
| 45.84.107.174 | 99% | 994 | 241 | 🇸🇪 SE | AS214503 | 2026-04-17 |
| 45.84.107.55 | 96% | 988 | 205 | 🇸🇪 SE | AS214503 | 2026-04-16 |
| 45.84.107.74 | 99% | 936 | 188 | 🇸🇪 SE | AS214503 | 2026-04-16 |
| 192.42.116.215 | 98% | 919 | 107 | 🇳🇱 NL | AS215125 | 2026-02-21 |