SCARD

Suspicious activity by IP address 100.16.2.147

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Tue, 14 Apr 2026 04:05:17 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 100.16.2.147

Description Count
ET HUNTING Suspicious Chmod Usage in URI (Inbound) 8
ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) 8

Detailed activity by IP address 100.16.2.147

Timestamp Description Protocol Destination Port
2026-04-14 04:05:17 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-14 04:05:17 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-14 04:05:17 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-14 04:05:17 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-14 01:50:33 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-14 01:50:33 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-14 01:50:33 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-14 01:50:33 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-11 02:48:30 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-11 02:48:30 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-11 02:48:30 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-11 02:48:30 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-10 23:25:11 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-10 23:25:11 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-10 23:25:11 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-10 23:25:11 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80

 

Back to top