Active Threat • HIGH

131.255.240.10

Country of Origin🇦🇷 Argentina

First Detection3/21/2026

Last Activity4/1/2026

ISPSM COMUNICACIONES S.R.L.

🎯

803

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇦🇷 Argentina
City: Salta
ASN: AS269810
ISP: SM COMUNICACIONES S.R.L.

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

01ba4719c80b6fe911b0...→09a3e612f8cad1560057...→114b266a03c0feee5971...→1a42d2aaf23056b0513b...→242cd44e3a6e2b6431f3...→

Attempted Credentials

🔐345gs5662d34/345gs5662d34

🔐root/3245gs5662d34

🔐root/abc1234.

🔐michael/Michael123

🔐root/202501

🔐business/1234

🔐root/woaini@123

🔐root/Qwerty@2025

🔐root/asd@qwe123

🔐root/Adm1n!

🔐root/black

🔐root/123678

🔐root/123qwe123

🔐root/open

🔐root/LINUX

Executed Commands

$Enter new UNIX password:8x

$ls -lh $(which ls)7x

$cd ~; chattr -ia .ssh; lockr -ia .ssh7x

$w7x

$cat /proc/cpuinfo | grep name | wc -l7x

$crontab -l7x

$cat /proc/cpuinfo | grep model | grep name | wc -l7x

$which ls7x

$uname7x

$whoami7x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

82919072908291759176

Vulnerabilities

CVE-2019-11048CVE-2020-7061CVE-2019-13224CVE-2020-7069CVE-2017-8923CVE-2019-11046CVE-2020-7060CVE-2019-11050CVE-2019-11047CVE-2020-7066CVE-2022-37454CVE-2019-11044CVE-2020-7062CVE-2020-7070CVE-2019-11045CVE-2020-7063CVE-2013-2220CVE-2020-7064CVE-2024-3566CVE-2019-11043

CPEs

cpe:/a:php:php:7.2.22

Risk Assessment

/100

LowMediumHighCritical