Active Threat • MEDIUM
202.10.38.181
Country of Origin🇮🇩 Indonesia
First Detection4/22/2026
Last Activity4/22/2026
ISPCV. Rumahweb Indonesia
🎯
193
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
19
Malware
Geolocation
- Country
- 🇮🇩 Indonesia
- City
- Unknown
- ASN
- AS58487
- ISP
- CV. Rumahweb Indonesia
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐root/root321@
1x🔐app/app@2026
1x🔐root/zaq12wsx!@#
1x🔐root/Qazwsx321!@#
1x🔐mahdi/mahdi2025
1x🔐runner/1234
1x🔐odoo/Odoo30!
1x🔐root/6yhn@#
1x🔐root/Server12
1x🔐root/Root12345!
1x🔐root/QWER!@#$
1x🔐root/qazwsx01#
1x🔐root/XXbb000
1x🔐admin1234/admin1234
1x🔐postgres/3245gs5662d34
1xExecuted Commands
$
Enter new UNIX password:2x$
ls -lh $(which ls)1x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x$
uname -a1x$
w1x$
cat /proc/cpuinfo | grep name | wc -l1x$
echo -e "1qaz3edc\nftQ804oEknl0\nftQ804oEknl0"|passwd|bash1x$
crontab -l1x$
cat /proc/cpuinfo | grep model | grep name | wc -l1x$
which ls1xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
22443
Hostnames
axelhandal.id
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:9.6p1cpe:/a:f5:nginx
Risk Assessment
55
/100
LowMediumHighCritical