Active Threat • HIGH

34.0.13.61

Country of Origin🇮🇳 India

First Detection3/18/2026

Last Activity4/1/2026

ISPGoogle LLC

🎯

708

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇮🇳 India
City: New Delhi
ASN: AS19527
ISP: Google LLC

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

01ba4719c80b6fe911b0...→09a3e612f8cad1560057...→0d2a55d61784302419b1...→179afd17378a99b2ce74...→28720365c5e7476a011e...→

Attempted Credentials

🔐345gs5662d34/345gs5662d34

🔐root/3245gs5662d34

🔐usuarioftp/Usuarioftp123

🔐root/Q1w2e3r4t5y6

🔐grid/123456

🔐root/00..112233

🔐root/Zn123456

🔐root/qweQWE123!@#zxcZXC

🔐matic/Matic123

🔐viewtinet/1234

🔐exx/exxpass

🔐kjh/1234

🔐root/admin123456*

🔐ftb/password

🔐root/ireland

Executed Commands

$Enter new UNIX password:9x

$lscpu | grep Model7x

$top7x

$cat /proc/cpuinfo | grep model | grep name | wc -l7x

$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'7x

$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'7x

$uname -a7x

$uname7x

$w7x

$crontab -l7x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

Hostnames

61.13.0.34.bc.googleusercontent.com

CPEs

cpe:/o:linux:linux_kernelcpe:/a:openbsd:openssh:9.2p1cpe:/o:debian:debian_linux

Risk Assessment

/100

LowMediumHighCritical