Active Threat • MEDIUM
125.227.136.193
Country of Origin🇹🇼 Taiwan
First Detection4/21/2026
Last Activity4/22/2026
ISPData Communication Business Group
🎯
233
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
21
Malware
Geolocation
- Country
- 🇹🇼 Taiwan
- City
- New Taipei City
- ASN
- AS3462
- ISP
- Data Communication Business Group
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐345gs5662d34/345gs5662d34
2x🔐ubuntu/linux123
1x🔐root/aa123456A
1x🔐dmdba/3245gs5662d34
1x🔐test2/1234
1x🔐nils/nils
1x🔐ftp_user/ftp_user123
1x🔐zcm/zcm
1x🔐dev/3245gs5662d34
1x🔐auditor/auditor
1x🔐root/Ctyun@2025
1x🔐ftpuser/asdf1234
1x🔐root/1q2w3e4r%T
1x🔐steam/wenjh999
1x🔐dmdba/root
1xExecuted Commands
$
Enter new UNIX password:4x$
ls -lh $(which ls)2x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x$
cd ~; chattr -ia .ssh; lockr -ia .ssh2x$
top2x$
uname -m2x$
free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x$
lscpu | grep Model2x$
uname -a2x$
w2xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
80541500150021044310480
Hostnames
125-227-136-193.hinet-ip.hinet.net
CPEs
cpe:/a:openbsd:openssh:7.2p2cpe:/o:canonical:ubuntu_linuxcpe:/a:apache:http_server
Risk Assessment
55
/100
LowMediumHighCritical