Loading threats
Identifies Redis configuration abuse where an attacker modifies dir and dbfilename to write a malicious cron job to system cron directories, disables write protections, saves the database to disk, and achieves persistence via scheduled command execution (often using wget/curl pipe-to-sh patterns).
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 114.80.35.241 | 100% | 795 | 450 | 🇨🇳 CN | AS4811 | 2026-04-19 |
| 106.227.11.236 | 99% | 568 | 180 | 🇨🇳 CN | AS134238 | 2026-03-26 |
| 106.75.241.127 | 99% | 261 | 93 | 🇨🇳 CN | AS17621 | 2026-04-18 |
| 39.107.103.199 | 97% | 227 | 77 | 🇨🇳 CN | AS37963 | 2026-04-20 |
| 123.56.141.52 | 95% | 190 | 48 | 🇨🇳 CN | AS37963 | 2026-02-26 |
| 8.142.178.14 | 98% | 166 | 60 | 🇨🇳 CN | AS37963 | 2026-04-17 |
| 47.236.24.189 | 97% | 148 | 124 | 🇸🇬 SG | AS45102 | 2026-04-19 |
| 106.15.64.156 | 89% | 147 | 49 | 🇨🇳 CN | AS37963 | 2026-03-29 |
| 39.107.95.100 | 96% | 131 | 70 | 🇨🇳 CN | AS37963 | 2026-04-17 |
| 8.140.150.7 | 95% | 124 | 66 | 🇨🇳 CN | AS37963 | 2026-03-25 |
| 36.135.17.52 | 77% | 58 | 24 | 🇨🇳 CN | AS134810 | 2026-04-14 |
| 47.97.229.80 | 83% | 46 | 40 | 🇨🇳 CN | AS37963 | 2026-03-29 |