Active Threat • MEDIUM
201.217.67.183
Country of Origin🇪🇨 EC
First Detection4/6/2026
Last Activity4/6/2026
ISPSERVICIOS DE TELECOMUNICACIONES SETEL S.A. XTRIM EC
🎯
193
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
18
Malware
Geolocation
- Country
- 🇪🇨 EC
- City
- Guayaquil
- ASN
- AS14522
- ISP
- SERVICIOS DE TELECOMUNICACIONES SETEL S.A. XTRIM EC
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐deploy/deploy2026
1x🔐sa/password
1x🔐rustserver/rustserver
1x🔐root/Abcd12345678!
1x🔐root/1234567890Aa
1x🔐teamspeak/teamspeak9
1x🔐mongo/test123
1x🔐root/linux2026
1x🔐steam/asdfghjkl
1x🔐sa/sa123
1x🔐root/Root2022#$
1x🔐user/!qaz@wsx
1x🔐ubuntu/ubuntu_2026
1x🔐root/temp1234
1x🔐ubuntu/Password123
1xExecuted Commands
$
Enter new UNIX password:2x$
echo -e "sa123\nd9IJ14U53jPe\nd9IJ14U53jPe"|passwd|bash1x$
ls -lh $(which ls)1x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x$
uname -a1x$
w1x$
echo "sa123\nd9IJ14U53jPe\nd9IJ14U53jPe\n"|passwd1x$
cat /proc/cpuinfo | grep name | wc -l1x$
crontab -l1x$
cat /proc/cpuinfo | grep model | grep name | wc -l1xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
2280
Hostnames
183.satnet-67-217.gye.satnet.net
CPEs
cpe:/o:debian:debian_linuxcpe:/a:openbsd:openssh:9.2p1cpe:/o:linux:linux_kernel
Risk Assessment
55
/100
LowMediumHighCritical