SCARD

Suspicious activity by IP address 206.189.209.165

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Sat, 30 May 2026 13:57:01 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 206.189.209.165

Description Count
ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M2 2
SURICATA HTTP METHOD terminated by non-compliant character 2
ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M3 2
SURICATA HTTP request field missing colon 2
SURICATA HTTP invalid request field folding 2
ET EXPLOIT Cisco ASA and Firepower Path Traversal Vulnerability M2 (CVE-2020-3452) 2

Detailed activity by IP address 206.189.209.165

Timestamp Description Protocol Destination Port
2026-05-30 13:57:01 ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M2 TCP 80
2026-05-30 13:57:01 ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M3 TCP 80
2026-05-30 13:57:01 ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M2 TCP 80
2026-05-30 13:57:01 ET EXPLOIT Cisco ASA and Firepower Path Traversal Vulnerability M2 (CVE-2020-3452) TCP 80
2026-05-30 13:57:01 ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read (CVE-2020-3452) M3 TCP 80
2026-05-30 13:57:01 ET EXPLOIT Cisco ASA and Firepower Path Traversal Vulnerability M2 (CVE-2020-3452) TCP 80
2026-05-16 17:55:20 SURICATA HTTP METHOD terminated by non-compliant character TCP 2082
2026-05-16 17:55:20 SURICATA HTTP request field missing colon TCP 2082
2026-05-16 17:55:20 SURICATA HTTP invalid request field folding TCP 2082
2026-05-16 17:55:20 SURICATA HTTP METHOD terminated by non-compliant character TCP 2082
2026-05-16 17:55:20 SURICATA HTTP invalid request field folding TCP 2082
2026-05-16 17:55:20 SURICATA HTTP request field missing colon TCP 2082

 

Back to top