Below is a list of the last 500 suspicious interactions with this IP.
Last observed Sat, 06 Jun 2026 15:08:13 (Australia/Brisbane)
| Description | Count |
|---|---|
| ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | 98 |
| ET HUNTING Suspicious Chmod Usage in URI (Inbound) | 98 |
| ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321) | 4 |
| ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack | 3 |
| ET WEB_SERVER WebShell Generic - wget http - POST | 2 |
| Timestamp | Description | Protocol | Destination Port |
|---|---|---|---|
| 2026-06-06 15:08:13 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 15:08:13 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 15:08:13 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 15:08:13 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 14:44:42 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 14:44:42 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 14:44:42 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 14:44:42 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 14:43:44 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 14:43:44 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 05:12:19 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 05:12:19 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 05:12:19 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 05:12:19 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 04:49:55 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 04:49:55 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 04:49:55 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 04:49:55 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 04:29:15 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 04:29:15 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 04:29:15 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 04:29:15 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 04:13:44 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 04:13:44 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-06 04:13:44 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-06 04:13:44 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:53:25 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:53:25 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 18:53:25 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 18:53:25 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:37:42 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:37:42 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 18:37:42 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:37:42 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 18:20:00 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 18:20:00 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:20:00 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 18:20:00 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 09:19:22 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 09:19:22 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 09:19:22 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 09:19:22 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 09:03:51 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 09:03:51 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 09:03:51 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 09:03:51 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 08:32:31 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 08:32:31 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 08:32:31 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 08:32:31 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 00:06:16 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-05 00:06:16 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 00:06:16 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-05 00:06:16 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 23:31:29 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 23:31:29 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 23:31:29 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 23:31:29 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 23:15:20 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 23:15:20 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 23:15:20 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 23:15:20 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 14:46:25 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 14:46:25 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 14:46:25 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 14:46:25 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 14:44:44 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 14:44:44 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 14:25:20 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 14:25:20 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 14:25:20 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 14:25:20 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 13:50:29 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 13:50:29 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 13:50:29 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 13:50:29 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:52:46 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:52:46 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:52:46 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 05:52:46 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 05:21:16 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:21:16 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 05:20:56 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 05:20:56 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 05:20:56 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:20:56 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:01:22 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-04 05:01:22 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:01:22 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-04 05:01:22 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 21:32:34 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 21:32:34 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 21:32:34 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 21:32:34 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 21:16:30 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 21:16:30 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 21:16:30 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 21:16:30 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 20:45:11 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 20:45:11 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 20:45:11 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 20:45:11 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:56:54 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:56:54 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:56:54 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 11:56:54 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 11:29:01 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 11:29:01 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:29:01 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:29:01 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 11:11:46 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:11:46 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 11:11:46 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 11:11:46 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 02:44:32 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 02:44:32 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 02:44:32 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 02:44:32 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 02:17:11 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 02:17:11 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 02:17:11 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 02:17:11 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 01:51:36 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 01:51:36 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 01:50:40 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-03 01:50:40 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 01:50:40 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-03 01:50:40 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 17:03:51 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 17:03:51 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 17:03:51 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 17:03:51 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 16:47:29 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 16:47:29 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 16:47:29 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 16:47:29 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 16:23:12 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 16:23:12 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 16:23:12 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 16:23:12 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:54:53 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:54:53 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:54:53 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:54:53 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:24:39 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:24:39 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:24:39 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:24:39 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:24:14 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:24:14 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:00:38 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-02 07:00:38 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:00:38 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-02 07:00:38 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 22:17:11 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 22:17:11 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 22:17:11 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 22:17:11 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 21:37:30 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 21:37:30 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 21:20:49 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 21:20:49 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 21:20:49 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 21:20:49 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 12:48:26 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 12:48:26 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 12:48:26 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 12:48:26 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 12:28:00 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 12:28:00 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 12:16:22 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 12:16:22 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 12:16:22 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 12:16:22 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 04:13:03 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 04:13:03 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 04:13:03 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 04:13:03 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 03:26:49 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 03:26:49 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 03:26:49 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 03:26:49 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 03:11:18 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 03:11:18 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 03:08:04 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 03:08:04 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-06-01 03:08:04 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-06-01 03:08:04 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-05-31 18:58:25 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-05-31 18:58:25 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-05-31 18:58:25 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-05-31 18:58:25 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-05-31 18:42:14 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-05-31 18:42:14 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-05-31 18:42:14 | ET HUNTING Suspicious Chmod Usage in URI (Inbound) | TCP | 80 |
| 2026-05-31 18:42:14 | ET WEB_SPECIFIC_APPS TBK DVR-4104/4216 Command Injection Attempt (CVE-2024-3721) | TCP | 80 |
| 2026-03-28 16:21:56 | ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321) | TCP | 80 |
| 2026-03-28 16:21:56 | ET WEB_SERVER WebShell Generic - wget http - POST | TCP | 80 |
| 2026-03-28 16:21:56 | ET WEB_SERVER WebShell Generic - wget http - POST | TCP | 80 |
| 2026-03-28 16:21:56 | ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321) | TCP | 80 |
| 2026-03-28 16:21:55 | ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321) | TCP | 80 |
| 2026-03-28 16:21:55 | ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321) | TCP | 80 |
| 2026-03-28 13:30:42 | ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack | TCP | 22 |
| 2026-03-27 21:46:09 | ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack | TCP | 22 |
| 2026-03-26 22:39:14 | ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack | TCP | 22 |
Back to top