SCARD

Suspicious activity by IP address 45.41.105.253

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Tue, 14 Jul 2026 04:30:59 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 45.41.105.253

Description Count
ET HUNTING Suspicious Chmod Usage in URI (Inbound) 11
ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) 7
ET EXPLOIT D-Link DSL-2750B - OS Command Injection 4
SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt 4
ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) 4

Detailed activity by IP address 45.41.105.253

Timestamp Description Protocol Destination Port
2026-07-14 04:30:59 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-07-14 04:30:59 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-07-14 04:30:59 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-14 04:30:59 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-07-14 04:30:59 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-07-14 04:30:59 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-07-14 04:30:59 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-14 04:30:59 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-07-12 05:07:50 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-12 05:07:50 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-07-12 05:07:50 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-07-12 05:07:50 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-09 20:10:10 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-07-09 20:10:10 ET EXPLOIT D-Link DSL-2750B Command Injection Attempt (CVE-2016-20017) TCP 80
2026-07-09 20:10:10 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-07-09 20:10:10 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-07-09 20:10:10 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-07-09 20:10:10 ET EXPLOIT D-Link DSL-2750B - OS Command Injection TCP 80
2026-07-09 20:10:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-09 20:10:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-09 20:10:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-09 20:10:10 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-07-09 20:10:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-09 20:10:10 SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt TCP 80
2026-07-07 13:42:17 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-07-07 13:42:17 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-06 20:37:54 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-06 20:37:54 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-07-06 20:37:54 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80
2026-07-06 20:37:54 ET EXPLOIT Possible Authenticated Command Injection Inbound - Comtrend VR-3033 (CVE-2020-10173) TCP 80

 

Back to top