Amenaza Activa • MEDIO

191.253.105.30

Pais de Origen🇧🇷 Brasil

Primera Deteccion19/4/2026

Ultima Actividad19/4/2026

ISPUNIFIQUE TELECOMUNICACOES SA

🎯

145

Ataques Totales

🔌

Puertos

📡

Tipos Ataque

🦠

Malware

Geolocalizacion

Pais: 🇧🇷 Brasil
Ciudad: Blumenau
ASN: AS28343
ISP: UNIFIQUE TELECOMUNICACOES SA

Tipos de Ataque

ssh_telnet_honeypot

Puertos Atacados

Malware Asociado

09a3e612f8cad1560057...→28720365c5e7476a011e...→28ba533b0f3c4df63d6b...→50e721e49c013f00c62c...→5c0be87ed7434d69005f...→

Credenciales Intentadas

🔐root/admin888

🔐root/Qazwsx1234567..

🔐root/Fd123456

🔐ubuntu/AAA123456

🔐root/As123456

🔐root/321321321

🔐ubuntu/a123456g

🔐ftp_client/12345678

🔐monitoring/monitoring@123

🔐yupei/yupei

🔐deleteme/deleteme

🔐root/qazwsx123456!@

🔐steam/123qweASD

🔐ftpuser/Password123

🔐claude/claude!123

Comandos Ejecutados

$lscpu | grep Model1x

$ls -lh $(which ls)1x

$uname -a1x

$w1x

$crontab -l1x

$cat /proc/cpuinfo | grep model | grep name | wc -l1x

$which ls1x

$uname1x

$whoami1x

$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'1x

Exposicion segun Shodan InternetDBShodan

Datos de InternetDB, actualizacion no en tiempo real

Puertos

22229000

Vulnerabilidades

CVE-2021-33193CVE-2025-49630CVE-2024-38477CVE-2024-43394CVE-2021-26691CVE-2021-30641CVE-2022-29404CVE-2022-22719CVE-2012-3526CVE-2021-26690CVE-2024-38475CVE-2025-23048CVE-2024-38476CVE-2022-28614CVE-2024-42516CVE-2024-40898CVE-2021-32791CVE-2023-45802CVE-2012-4360CVE-2025-53020

Hostnames

191-253-105-30.unifique.net

CPEs

cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:8.2p1cpe:/a:apache:http_server:2.4.41

Evaluacion de Riesgo

/100

BajoMedioAltoCritico