Active Threat β’ HIGH
104.218.166.62
Country of OriginπΊπΈ United States
First Detection3/14/2026
Last Activity4/4/2026
ISPUCLOUD INFORMATION TECHNOLOGY HK LIMITED
π―
1,217
Total Attacks
π
1
Ports
π‘
1
Attack Types
π¦
37
Malware
Geolocation
- Country
- πΊπΈ United States
- City
- Unknown
- ASN
- AS135377
- ISP
- UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
π345gs5662d34/345gs5662d34
10xπroot/ASD!@#123
1xπgustavo/12345
1xπroot/Azerty1
1xπjeff/Jeff123!
1xπroot/xiaokang
1xπwikijs/3245gs5662d34
1xπwhmcs/whmcs
1xπbitwarden/bitwardenpass
1xπyzh/3245gs5662d34
1xπsimone/simonepass
1xπroot/Qwerty!@34
1xπroot/ZAQ!2wsx321@@
1xπjboss/password
1xπroot/nginx123456
1xExecuted Commands
$
Enter new UNIX password:16x$
cd ~; chattr -ia .ssh; lockr -ia .ssh10x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'10x$
w10x$
crontab -l10x$
cat /proc/cpuinfo | grep model | grep name | wc -l10x$
which ls10x$
uname10x$
whoami10x$
lockr -ia .ssh10xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
33066379
Vulnerabilities
CVE-2025-50084CVE-2024-21236CVE-2024-21203CVE-2024-21198CVE-2024-21193CVE-2024-21238CVE-2024-21213CVE-2024-21197CVE-2024-21196CVE-2025-50085CVE-2026-21964CVE-2025-50092CVE-2024-21199CVE-2025-50087CVE-2025-50079CVE-2025-50099CVE-2025-50102CVE-2025-50088CVE-2025-50078CVE-2024-21231
CPEs
cpe:/a:redislabs:rediscpe:/a:oracle:mysql:8.0.39
Risk Assessment
65
/100
LowMediumHighCritical