Active Threat • HIGH
165.154.22.195
Country of Origin🇭🇰 Hong Kong
First Detection3/18/2026
Last Activity4/11/2026
ISPUCLOUD INFORMATION TECHNOLOGY HK LIMITED
🎯
748
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
28
Malware
Geolocation
- Country
- 🇭🇰 Hong Kong
- City
- Hong Kong
- ASN
- AS135377
- ISP
- UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐345gs5662d34/345gs5662d34
7x🔐root/3245gs5662d34
5x🔐user8/user8123
1x🔐root/La123456
1x🔐teamspeak/Teamspeak3
1x🔐user1/qweasd
1x🔐root/ABA123123
1x🔐cardano/cardano1234
1x🔐root/Pa55w0rd
1x🔐root/standard
1x🔐root/showmethemoney
1x🔐root/Aa147258@
1x🔐git/git666
1x🔐root/A123123a
1x🔐root/1qaz!QAZ@
1xExecuted Commands
$
df -h | head -n 2 | awk 'FNR == 2 {print $2;}'6x$
cat /proc/cpuinfo | grep model | grep name | wc -l6x$
free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'6x$
lscpu | grep Model6x$
uname6x$
lockr -ia .ssh6x$
whoami6x$
uname -m6x$
ls -lh $(which ls)6x$
cd ~; chattr -ia .ssh; lockr -ia .ssh6xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
2211112311288
Vulnerabilities
CVE-2019-6111CVE-2021-41617CVE-2023-38408CVE-2023-51385CVE-2019-6110CVE-2016-20012CVE-2020-15778CVE-2019-6109CVE-2021-36368CVE-2023-48795CVE-2023-51767CVE-2018-15919CVE-2008-3844CVE-2025-32728CVE-2020-14145CVE-2007-2768CVE-2018-20685CVE-2018-15473CVE-2017-15906CVE-2025-26465
CPEs
cpe:/a:ntp:ntp:3cpe:/a:openbsd:openssh:7.4
Risk Assessment
65
/100
LowMediumHighCritical