Active Threat β’ MEDIUM
24.249.245.61
Country of OriginπΊπΈ United States
First Detection3/30/2026
Last Activity3/30/2026
ISPCox Communications Inc.
π―
236
Total Attacks
π
1
Ports
π‘
1
Attack Types
π¦
21
Malware
Geolocation
- Country
- πΊπΈ United States
- City
- Rancho Santa Margarita
- ASN
- AS22773
- ISP
- Cox Communications Inc.
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
π345gs5662d34/345gs5662d34
2xπroot/3245gs5662d34
2xπroot/System1!
1xπroot/a;sldkfj
1xπroot/C3nt0s@2026
1xπroot/P4ssw0rd2025
1xπroot/qwerty98
1xπroot/ray123
1xπroot/root@123456789
1xπroot/haojie
1xπroot/kl123456
1xπroot/abccba
1xπroot/Qwe2025
1xπroot/zenalyn
1xπroot/qwe`123
1xExecuted Commands
$
cd ~; chattr -ia .ssh; lockr -ia .ssh2x$
ls -lh $(which ls)2x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x$
uname -a2x$
free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x$
lscpu | grep Model2x$
w2x$
cat /proc/cpuinfo | grep name | wc -l2x$
crontab -l2x$
cat /proc/cpuinfo | grep model | grep name | wc -l2xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
22
Hostnames
wsip-24-249-245-61.oc.oc.cox.net
CPEs
cpe:/a:openbsd:openssh:8.9p1cpe:/o:canonical:ubuntu_linux
Risk Assessment
55
/100
LowMediumHighCritical