SCARD

Suspicious activity by IP address 206.135.161.94

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Tue, 14 Apr 2026 05:06:20 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 206.135.161.94

Description Count
ET WEB_SERVER WebShell Generic - wget http - POST 2
ET EXPLOIT HackingTrio UA (Hello, World) 2
SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt 2
ET EXPLOIT Netgear DGN Remote Command Execution 2
ET SCAN Mirai Variant User-Agent (Inbound) 2

Detailed activity by IP address 206.135.161.94

Timestamp Description Protocol Destination Port
2026-04-14 05:06:20 SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt TCP 80
2026-04-14 05:06:20 ET EXPLOIT Netgear DGN Remote Command Execution TCP 80
2026-04-14 05:06:20 SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt TCP 80
2026-04-14 05:06:20 ET EXPLOIT Netgear DGN Remote Command Execution TCP 80
2026-03-28 20:38:00 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-03-28 20:38:00 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-03-28 20:38:00 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-03-28 20:38:00 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-03-28 20:38:00 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-03-28 20:38:00 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80

 

Back to top