logo
Threat Intel Portal
CURRENT EDITION — JULY 17, 2026

Remote File Inclusion: 83.97.78.224

The attacker IP 83.97.78.224 is conducting automated probing against the target IP, attempting to establish an encrypted HTTPS connection with various generic headers. The username "admin" was attempted in authentication requests, indicating potential brute-force login attempts. This activity has a high confidence level and may indicate a malicious actor attempting to gain unauthorized access.

READ FULL INVESTIGATION
CRITICALITY SCORE

85


PREVIOUS EDITIONS
JULY 16, 2026
Password Spray: 160.119.71.92

A malicious actor with IP address 160.119.71.92 is suspected of attempting to brute-force access to our system with repeated connection attempts, scanning for vulnerabilities. The target is an internal IP address, and the username "admin" was observed in the authentication attempts. This activity has a confidence level of high, indicating a potential security threat that requires immediate attention.

VIEW ANALYSIS
SCORE

86

JULY 15, 2026
PHP Shell: 222.170.126.219

A suspicious activity has been detected from the attacker IP 222.170.126.219, targeting the internal server with IP address [target IP redacted]. The attacker is performing automated probing on port 443, attempting to establish an HTTPS connection without any identifiable usernames involved. There is a high confidence level in identifying this as malicious due to the repeated scanning behavior.

VIEW ANALYSIS
SCORE

85

JULY 14, 2026
PHP Exploit: 31.70.71.228

The attacker IP, 31.70.71.228, is engaged in suspicious activity by scanning the target IP, attempting to identify potential vulnerabilities. This automated probing appears to be an attempt to exploit a weakness, as indicated by the high confidence level of this indicator. No specific usernames are visible during these attempts.

VIEW ANALYSIS
SCORE

95