SCARD

Suspicious activity by IP address 45.230.66.114

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Thu, 14 May 2026 14:31:10 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 45.230.66.114

Description Count
ET SCAN Mirai Variant User-Agent (Inbound) 13
ET EXPLOIT HackingTrio UA (Hello, World) 7
ET EXPLOIT MVPower DVR Shell UCE 6
ET HUNTING Suspicious Chmod Usage in URI (Inbound) 6
ET WEB_SERVER WebShell Generic - wget http - POST 6
ET SCAN JAWS Webserver Unauthenticated Shell Command Execution 6
ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) 6
ET INFO Netlink GPON Login Attempt (GET) 4
ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution 3
ET WEB_SERVER WGET Command Specifying Output in HTTP Headers 3

Detailed activity by IP address 45.230.66.114

Timestamp Description Protocol Destination Port
2026-05-14 14:31:10 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-14 14:31:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-14 14:31:10 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-14 14:31:10 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-14 14:31:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-14 14:31:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-14 14:31:10 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-14 14:31:10 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-14 14:31:10 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-14 14:31:10 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-13 14:50:05 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-13 14:50:05 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-13 14:50:05 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-13 14:50:05 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-13 14:50:05 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-13 14:50:05 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-06 09:28:22 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-06 09:28:22 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-06 09:28:22 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-06 09:28:22 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-06 09:28:22 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-06 09:28:22 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-06 09:28:22 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-06 09:28:22 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-06 09:28:22 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-06 09:28:22 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-06 02:20:15 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-06 02:20:15 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-05 06:33:14 ET WEB_SERVER WGET Command Specifying Output in HTTP Headers TCP 80
2026-05-05 06:33:14 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution TCP 80
2026-05-05 02:15:25 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-05 02:15:25 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-05 02:15:25 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-05 02:15:25 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-05 02:15:25 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-05 02:15:25 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-05 02:15:25 ET EXPLOIT MVPower DVR Shell UCE TCP 80
2026-05-05 02:15:25 ET HUNTING Suspicious Chmod Usage in URI (Inbound) TCP 80
2026-05-05 02:15:25 ET SCAN JAWS Webserver Unauthenticated Shell Command Execution TCP 80
2026-05-05 02:15:25 ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) TCP 80
2026-05-02 11:30:11 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-02 11:30:11 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-05-02 11:30:10 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-05-02 11:30:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-02 11:30:10 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-05-02 11:30:10 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-04-27 07:34:15 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-27 07:34:14 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-18 09:40:07 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-18 09:40:07 ET INFO Netlink GPON Login Attempt (GET) TCP 80
2026-04-13 05:06:16 ET WEB_SERVER WGET Command Specifying Output in HTTP Headers TCP 80
2026-04-13 05:06:16 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution TCP 80
2026-04-13 05:06:15 ET EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution TCP 80
2026-04-13 05:06:15 ET WEB_SERVER WGET Command Specifying Output in HTTP Headers TCP 80
2026-03-29 22:31:43 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-03-29 22:31:43 ET SCAN Mirai Variant User-Agent (Inbound) TCP 80
2026-03-29 22:31:43 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80
2026-03-29 22:31:43 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-03-29 22:31:43 ET WEB_SERVER WebShell Generic - wget http - POST TCP 80
2026-03-29 22:31:43 ET EXPLOIT HackingTrio UA (Hello, World) TCP 80

 

Back to top