Active Threat • HIGH

178.63.130.241

Country of Origin🇩🇪 Germany

First Detection3/9/2026

Last Activity3/19/2026

ISPHetzner Online GmbH

🎯

112

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇩🇪 Germany
City: Falkenstein
ASN: AS24940
ISP: Hetzner Online GmbH

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

0e0ad569aa2563d56bc0...→1399621c1ccf32f9ba86...→28ba533b0f3c4df63d6b...→

Attempted Credentials

🔐alejandro/123456

🔐diana/diana

🔐%company%/test12345%

🔐portal/123456

🔐mac/123456

🔐mb/123456

🔐printer/Aa123456

🔐edu/123456

🔐careers/careers

🔐online/online

🔐minoxidil4you/test%123456

🔐pedro/123456

🔐miguel/miguel65.60.89.117

🔐minoxidil4you/root1234%

🔐demo/demo2014

Executed Commands

$uname -a2x

$ls -la /home/ 2>/dev/null | grep -q phil && echo 'phil_found' || echo 'ok'2x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

22803000333360028000

Hostnames

static.241.130.63.178.clients.your-server.de

CPEs

cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:8.9p1cpe:/a:nodejs:node.jscpe:/a:f5:nginxcpe:/a:expressjs:express

Risk Assessment

/100

LowMediumHighCritical