SCARD

Suspicious activity by IP address 45.230.66.114

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Sun, 14 Jun 2026 06:22:41 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 45.230.66.114

Description Count
ET SCAN Mirai Variant User-Agent (Inbound) 15
ET EXPLOIT MVPower DVR Shell UCE 8
ET HUNTING Suspicious Chmod Usage in URI (Inbound) 8
ET SCAN JAWS Webserver Unauthenticated Shell Command Execution 8
ET INFO Netlink GPON Login Attempt (GET) 8
ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) 8
ET EXPLOIT HackingTrio UA (Hello, World) 7
ET WEB_SERVER WebShell Generic - wget http - POST 6
ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 3
ET EXPLOIT Netgear DGN Remote Command Execution 3
ET WEB_SERVER WGET Command Specifying Output in HTTP Headers 3
SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt 2

Detailed activity by IP address 45.230.66.114

Timestamp Description Protocol Destination Port
2026-06-14 06:22:41 ET EXPLOIT Netgear DGN Remote Command Execution TCP 80
2026-06-14 06:22:41 SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt TCP 80
2026-06-14 06:22:41 ET EXPLOIT Netgear DGN Remote Command Execution TCP 80
2026-06-14 06:22:41 SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt TCP 80
2026-06-11 14:21:34 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-06-11 14:21:33 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-06-07 09:37:10 ET EXPLOIT Netgear DGN Remote Command Execution TCP 80
2026-06-03 02:27:48 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-06-03 02:27:48 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-06-03 02:27:48 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-06-03 02:27:48 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-06-03 02:27:48 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-06-03 02:27:47 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-06-03 02:27:47 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-06-03 02:27:47 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-06-03 02:27:47 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-06-03 02:27:47 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-06-01 07:55:28 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-06-01 07:55:27 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-05-14 14:31:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-14 14:31:10 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-14 14:31:10 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-14 14:31:10 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-14 14:31:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-14 14:31:10 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-14 14:31:10 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-14 14:31:10 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-14 14:31:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-14 14:31:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-13 14:50:05 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-13 14:50:05 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-13 14:50:05 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-13 14:50:05 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-13 14:50:05 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-13 14:50:05 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-06 09:28:22 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-06 09:28:22 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-06 09:28:22 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-06 09:28:22 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-06 09:28:22 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-06 09:28:22 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-06 09:28:22 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-06 09:28:22 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-06 09:28:22 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-06 09:28:22 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-06 02:20:15 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-06 02:20:15 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-05 06:33:14 ET WEB_SERVER WGET Command Specifying Output in HTTP Headers TCP 80
2026-05-05 06:33:14 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution TCP 80
2026-05-05 02:15:25 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-05 02:15:25 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-05 02:15:25 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-05 02:15:25 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-05 02:15:25 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-05 02:15:25 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-05 02:15:25 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-05 02:15:25 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-05 02:15:25 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-05 02:15:25 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-02 11:30:11 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-02 11:30:11 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-02 11:30:10 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-02 11:30:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-02 11:30:10 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-02 11:30:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-04-27 07:34:15 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-27 07:34:14 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-18 09:40:07 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-18 09:40:07 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-13 05:06:16 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution TCP 80
2026-04-13 05:06:16 ET WEB_SERVER WGET Command Specifying Output in HTTP Headers TCP 80
2026-04-13 05:06:15 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution TCP 80
2026-04-13 05:06:15 ET WEB_SERVER WGET Command Specifying Output in HTTP Headers TCP 80
2026-03-29 22:31:43 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-03-29 22:31:43 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-03-29 22:31:43 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-03-29 22:31:43 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-03-29 22:31:43 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-03-29 22:31:43 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80

 

Back to top