Threat LevelHIGH67/1001 rule type
1 incident on record · active attack detected · seen 10h ago
| PTR | N/A |
| Org / ASN | Microsoft Azure Cloud (koreacentral) |
| Country | 🇰🇷 South Korea |
| City | Seoul, Seoul |
| Timezone | Asia/Seoul |
Attack Analysis
Webshell Upload Scan
This IP rapidly probed multiple non-existent PHP paths in under 60 seconds — a hallmark of automated webshell scanning tools hunting for previously uploaded backdoors or vulnerable file-upload endpoints. If successful, a webshell grants the attacker full remote code execution on the server.
Reports (1)
| Date | Severity | Description |
|---|---|---|
| 4 Jun 2026 - 12:20 | high | Web: Webshell scan — 3+ unknown PHP probes in 60s |
EagleEye Intelligence