Active Threat • MEDIUM
188.138.28.122
Country of Origin🇫🇷 France
First Detection3/25/2026
Last Activity3/25/2026
ISPvelia.net Internetdienste GmbH
🎯
163
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
21
Malware
Geolocation
- Country
- 🇫🇷 France
- City
- Strasbourg
- ASN
- AS29066
- ISP
- velia.net Internetdienste GmbH
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐345gs5662d34/345gs5662d34
2x🔐storage/123456
1x🔐zhouxin/123
1x🔐spike/123
1x🔐spam/spam
1x🔐rollup/3245gs5662d34
1x🔐zhouxin/3245gs5662d34
1x🔐rollup/Rollup123!
1xExecuted Commands
$
Enter new UNIX password:4x$
free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x$
cd ~; chattr -ia .ssh; lockr -ia .ssh2x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x$
uname -a2x$
w2x$
cat /proc/cpuinfo | grep name | wc -l2x$
crontab -l2x$
cat /proc/cpuinfo | grep model | grep name | wc -l2x$
which ls2xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
222580
Vulnerabilities
CVE-2022-2068CVE-2011-2688CVE-2020-1934CVE-2009-3767CVE-2024-38472CVE-2022-2097CVE-2025-23048CVE-2025-49812CVE-2021-36160CVE-2021-33193CVE-2021-32791CVE-2023-2650CVE-2023-31122CVE-2025-68160CVE-2023-0464CVE-2013-4365CVE-2019-17567CVE-2022-28615CVE-2022-22721CVE-2025-55753
Hostnames
superoceanuae.com
CPEs
cpe:/a:openbsd:openssh:8.0cpe:/a:apache:http_server:2.4.37cpe:/a:php:php:8.1.34cpe:/a:openssl:openssl:1.1.1kcpe:/a:jquery:jquery
Risk Assessment
55
/100
LowMediumHighCritical