Active Threat • MEDIUM

144.79.187.30

Country of Origin🇮🇩 Indonesia

First Detection5/7/2026

Last Activity5/7/2026

ISPPT Antar Fiber Optik

🎯

217

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇮🇩 Indonesia
City: Unknown
ASN: AS138000
ISP: PT Antar Fiber Optik

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

09a3e612f8cad1560057...→23a15752c00b32015b84...→28720365c5e7476a011e...→28ba533b0f3c4df63d6b...→2937fb44b8054720360e...→

Attempted Credentials

🔐odoo/odoo2015

🔐ubuntu/changethis

🔐hduser/3245gs5662d34

🔐ubuntu/P@ssword1

🔐tester/passw0rd

🔐oracle/0000

🔐tsuser/tsuser

🔐dockeradmin/abc123

🔐developer/12345678

🔐admin/PASSWORD

🔐ubuntu/123qwe@

🔐test/987654321

🔐hduser/hduser

🔐user/password!

🔐ubuntu/M3gaP33!

Executed Commands

$Enter new UNIX password:2x

$ls -lh $(which ls)1x

$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x

$uname -a1x

$w1x

$cat /proc/cpuinfo | grep name | wc -l1x

$crontab -l1x

$cat /proc/cpuinfo | grep model | grep name | wc -l1x

$echo "hduser\n1nalzlEl8vfZ\n1nalzlEl8vfZ\n"|passwd1x

$which ls1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

23238085

Risk Assessment

/100

LowMediumHighCritical