SCARD

Suspicious activity by IP address 108.54.90.54

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Thu, 28 May 2026 09:22:43 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 108.54.90.54

Description Count
ET HUNTING Suspicious Chmod Usage in URI (Inbound) 36
ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) 21
ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) 15
ET EXPLOIT D-Link DSL-2750B - OS Command Injection 15
SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt 12

Detailed activity by IP address 108.54.90.54

Timestamp Description Protocol Destination Port
2026-05-28 09:22:43 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-28 09:22:43 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-28 09:22:43 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-28 09:22:43 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-27 10:07:03 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-27 10:07:03 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-25 12:22:09 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-25 12:22:09 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-25 12:22:09 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-25 12:22:09 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-25 12:22:09 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-25 12:22:09 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-25 12:22:09 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-25 12:22:09 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-21 10:26:28 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-21 10:26:28 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-21 10:26:28 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-21 10:26:28 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-21 03:47:22 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-21 03:47:22 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-21 03:47:22 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-21 03:47:22 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-21 01:52:21 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-21 01:52:21 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-21 01:52:21 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-20 04:55:33 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-20 04:55:33 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-20 04:55:33 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-18 21:36:01 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-18 21:36:01 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-18 21:36:01 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-18 21:36:01 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-15 09:00:50 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-15 09:00:50 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-15 09:00:50 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-15 09:00:50 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-15 09:00:50 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-15 09:00:50 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-15 09:00:50 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-15 09:00:50 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-15 07:39:41 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-15 07:39:41 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-15 07:39:41 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-15 07:39:41 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-13 04:57:58 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-13 04:57:58 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-13 04:57:58 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-05-13 04:57:58 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-11 06:25:54 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-11 06:25:54 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-11 06:25:54 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-11 06:25:54 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-11 06:25:54 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-11 06:25:54 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-11 06:25:54 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-11 06:25:54 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-09 23:26:38 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-09 23:26:38 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-09 23:26:38 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-02 12:54:42 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-02 12:54:42 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-02 12:54:42 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-02 12:54:42 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-05-02 12:54:40 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-05-02 12:54:40 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-02 12:54:40 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-05-02 12:54:40 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-04-24 15:46:52 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-24 15:46:52 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-24 15:46:52 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-24 15:46:52 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-21 23:50:26 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-21 23:50:26 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-21 23:50:26 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-21 23:50:26 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-14 02:47:01 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-14 02:47:01 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-04-14 02:47:01 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-04-14 02:47:01 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-04-14 02:47:01 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-04-14 02:47:01 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-04-14 02:47:01 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-14 02:47:01 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-04-12 00:36:11 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-04-12 00:36:11 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-04-12 00:36:11 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-04-12 00:36:11 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-12 00:36:11 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-12 00:36:11 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-04-12 00:36:11 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-04-12 00:36:11 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-04-07 13:39:15 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-07 13:39:15 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-07 13:39:15 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-07 13:39:15 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-05 14:40:09 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-05 14:40:09 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-04-05 14:40:09 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-04-05 14:40:09 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80

 

Back to top