SCARD

Suspicious activity by IP address 176.65.139.165

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Mon, 18 May 2026 15:30:30 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 176.65.139.165

Description Count
ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) 27
SURICATA HTTP URI terminated by non-compliant character 16
SURICATA HTTP METHOD terminated by non-compliant character 16
ET EXPLOIT TP-Link Archer AX21 Unauthenticated Command Injection Inbound (CVE-2023-1389) 3
ET WEB_SERVER WebShell Generic - wget http - POST 2

Detailed activity by IP address 176.65.139.165

Timestamp Description Protocol Destination Port
2026-05-18 15:30:30 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 15:30:29 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 14:48:58 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 14:48:57 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 14:45:52 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 14:45:52 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 14:45:52 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 14:45:52 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 13:54:26 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:54:26 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:33:11 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:33:11 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:31:04 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 13:31:04 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 13:31:04 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 13:31:04 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 13:22:37 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:15:24 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:15:23 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 13:12:37 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 13:12:37 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 13:12:37 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 13:12:37 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 12:34:04 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 12:34:03 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 12:30:53 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 12:30:53 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 12:30:53 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 12:30:53 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 11:46:44 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:46:44 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:44:32 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 11:44:32 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 11:44:32 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 11:44:32 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 11:27:40 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:27:40 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:25:14 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:25:14 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:25:00 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 11:25:00 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 11:25:00 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 11:25:00 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 11:08:42 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:08:42 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 11:05:23 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 11:05:23 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 11:05:23 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 11:05:23 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 10:45:24 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 10:45:23 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 09:37:42 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 09:37:40 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-18 09:34:56 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-18 09:34:56 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 09:34:56 SURICATA HTTP URI terminated by non-compliant character TCP 80
2026-05-18 09:34:56 SURICATA HTTP METHOD terminated by non-compliant character TCP 80
2026-05-15 06:41:06 ET WEB_SERVER WebShell Generic - wget http - POST TCP 8080
2026-05-15 06:41:06 ET EXPLOIT TP-Link Archer AX21 Unauthenticated Command Injection Inbound (CVE-2023-1389) TCP 8080
2026-05-15 06:41:06 ET EXPLOIT TP-Link Archer AX21 Unauthenticated Command Injection Inbound (CVE-2023-1389) TCP 8080
2026-05-15 06:41:06 ET WEB_SERVER WebShell Generic - wget http - POST TCP 8080
2026-05-15 06:22:23 ET EXPLOIT TP-Link Archer AX21 Unauthenticated Command Injection Inbound (CVE-2023-1389) TCP 8080
2026-05-07 19:27:33 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80
2026-05-07 19:27:33 ET WEB_SPECIFIC_APPS Shenzhen TVT NVMS-9000 Information Disclosure Attempt (CVE-2024-14007) TCP 80

 

Back to top