Investigation Workspace

Entity: 195.24.236.78 (Ip)

Entity Details
Type
Ip
ASN
AS60223 - Netiface
Threat Intelligence
IP attempted to access highly suspicious paths like 'plugins/content/apismtp/apismtp.php.suspected' and 'wp-content/plugins/apikey/apikey.php.suspected', strongly indicating web shell upload or exploitation attempts, despite no immediate WAF flags.
Linked Entities
TLS Fingerprints (1)
Hostnames Targeted
Hostname Request Count
www.darcherif.fr 15
Paths Targeted (with Hostname Counts)
Path Distinct Hostnames
plugins/content/apismtp/apismtp.php.suspected 1
wp-content/plugins/apikey/apikey.php 1
wp-content/plugins/apikey/apikey.php.suspected 1
plugins/content/apismtp/apismtp.php 1
🚫

Block

IP attempted to access highly suspicious paths like 'plugins/content/apismtp/apismtp.php.suspected' and 'wp-content/plugins/apikey/apikey.php.suspected', strongly indicating web shell upload or exploitation attempts, despite no immediate WAF flags.

2026-01-09 17:22:03