SCARD

Suspicious activity by IP address 124.29.214.70

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Thu, 23 Apr 2026 14:10:22 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 124.29.214.70

Description	Count
ET EXPLOIT MVPower DVR Shell UCE	3
ET SCAN JAWS Webserver Unauthenticated Shell Command Execution	3
ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016)	3
ET SCAN Mirai Variant User-Agent (Inbound)	3
ET HUNTING Suspicious Chmod Usage in URI (Inbound)	3

Detailed activity by IP address 124.29.214.70

Timestamp	Description	Protocol	Destination Port
2026-04-23 14:10:22	ET SCAN JAWS Webserver Unauthenticated Shell Command Execution	TCP	80
2026-04-23 14:10:22	ET SCAN Mirai Variant User-Agent (Inbound)	TCP	80
2026-04-23 14:10:22	ET EXPLOIT MVPower DVR Shell UCE	TCP	80
2026-04-23 14:10:22	ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016)	TCP	80
2026-04-23 14:10:22	ET HUNTING Suspicious Chmod Usage in URI (Inbound)	TCP	80
2026-03-27 12:35:20	ET EXPLOIT MVPower DVR Shell UCE	TCP	80
2026-03-27 12:35:20	ET SCAN JAWS Webserver Unauthenticated Shell Command Execution	TCP	80
2026-03-27 12:35:20	ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016)	TCP	80
2026-03-27 12:35:20	ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016)	TCP	80
2026-03-27 12:35:20	ET SCAN Mirai Variant User-Agent (Inbound)	TCP	80
2026-03-27 12:35:20	ET SCAN JAWS Webserver Unauthenticated Shell Command Execution	TCP	80
2026-03-27 12:35:20	ET HUNTING Suspicious Chmod Usage in URI (Inbound)	TCP	80
2026-03-27 12:35:20	ET EXPLOIT MVPower DVR Shell UCE	TCP	80
2026-03-27 12:35:20	ET HUNTING Suspicious Chmod Usage in URI (Inbound)	TCP	80
2026-03-27 12:35:20	ET SCAN Mirai Variant User-Agent (Inbound)	TCP	80