SCARD

Suspicious activity by IP address 103.40.61.98

Below is a list of the last 1000 suspicious interactions with this IP.

Last observed Sat, 28 Mar 2026 14:54:48 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 103.40.61.98

Description Count
ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt 18
SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt 18
ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 11
ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 10
ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) 5

Detailed activity by IP address 103.40.61.98

Timestamp Description Protocol Destination Port
2026-03-28 14:54:48 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 14:54:48 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-28 14:54:48 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 14:54:47 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-28 14:54:47 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 14:54:47 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 14:51:54 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-28 14:51:54 ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) TCP 80
2026-03-28 13:53:47 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-28 13:53:47 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 13:53:47 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 13:53:47 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 13:53:47 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-28 13:53:47 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 12:34:15 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 12:34:15 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 12:34:15 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 12:34:15 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 12:34:15 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-28 12:34:15 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-28 08:31:26 ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) TCP 80
2026-03-28 08:31:25 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-28 08:31:25 ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) TCP 80
2026-03-28 04:56:14 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-28 04:56:14 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-28 04:56:14 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-28 04:56:14 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 04:56:14 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-28 04:56:14 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-27 21:03:36 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-27 21:03:36 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-27 21:03:36 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-27 21:03:36 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-27 21:03:36 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-27 21:03:36 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-27 21:03:35 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-27 21:03:35 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-27 21:03:35 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-27 21:03:35 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-27 21:03:35 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-27 21:03:35 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-27 03:39:38 ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) TCP 80
2026-03-27 03:39:37 ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) TCP 80
2026-03-27 03:39:36 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-25 23:31:14 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-25 23:31:14 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-25 23:31:14 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-25 23:31:13 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-25 23:31:13 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-25 23:31:13 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-25 22:30:13 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-25 22:30:13 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-25 22:30:13 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-25 22:30:13 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-25 22:30:13 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-25 22:30:13 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 TCP 80
2026-03-25 22:06:59 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-25 22:06:59 ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 TCP 80
2026-03-25 22:06:59 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-25 22:06:59 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80
2026-03-25 22:06:59 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt TCP 80
2026-03-25 22:06:59 SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt TCP 80

 

Back to top