Active Threat β’ MEDIUM
198.2.193.50
Country of OriginπΊπΈ United States
First Detection3/31/2026
Last Activity3/31/2026
ISPPEG TECH INC
π―
163
Total Attacks
π
1
Ports
π‘
1
Attack Types
π¦
20
Malware
Geolocation
- Country
- πΊπΈ United States
- City
- San Jose
- ASN
- AS54600
- ISP
- PEG TECH INC
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
πroot/temp1
1xπroot/ted
1xπroot/123QWEqwe@
1xπroot/Mac2025
1xπroot/P@SSw0rd
1xπroot/3245gs5662d34
1xπroot/ys123456
1xπroot/a123456?
1xπroot/1234567891011
1xπroot/yang5202414
1xπroot/zzxxcc123
1xπroot/1Qaz2Wsx3Edc
1xπroot/1qazxdr5^&*(
1xπroot/mas@2026
1xπroot/digital
1xExecuted Commands
$
lscpu | grep Model1x$
ls -lh $(which ls)1x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x$
uname -a1x$
w1x$
cat /proc/cpuinfo | grep name | wc -l1x$
crontab -l1x$
cat /proc/cpuinfo | grep model | grep name | wc -l1x$
which ls1x$
uname1xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
2280443
Vulnerabilities
CVE-2012-2912CVE-2010-4277CVE-2011-3853CVE-2010-4630CVE-2009-4748CVE-2012-2913CVE-2016-20012CVE-2009-2299CVE-2009-4169CVE-2012-4001CVE-2025-26465CVE-2009-2852CVE-2011-3863CVE-2011-3981CVE-2008-7175CVE-2012-4360CVE-2011-3859CVE-2013-2765CVE-2007-4723CVE-2011-3854
CPEs
cpe:/a:php:php:8.3.28cpe:/a:apache:http_server:2.4.65cpe:/a:openbsd:openssh:8.7cpe:/a:wordpress:wordpress:6.8.3cpe:/a:jquery:jquerycpe:/o:debian:debian_linuxcpe:/a:mysql:mysql
Risk Assessment
55
/100
LowMediumHighCritical