Active Threat • CRITICAL
38.110.46.239
Country of Origin: United States
First Detection: 1/23/2026
Last Activity: 1/26/2026
ISP: Georgia Institute of Technology
Total Attacks: 342
Ports: 12
Attack Types: 6
Malware: 2
Geolocation
- Country: United States
- City: Atlanta
- ASN: AS2637
- ISP: Georgia Institute of Technology
Attack Types
dionaea
ipphoney
tanner
honeytrap
cowrie
h0neytr4p
Attacked Ports
188363164438023214434567223000575471723
Associated Malware
Attempted Credentials
4x  Accept-Encoding: gzip/(empty)
3x  Accept: */*/Content-Type: application/ipp
3x  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.3/Accept: */*
3x  fox.version=s:1.0/id=i:1
2x  fox a 1 -1 fox hello/{
2x  hostName=s:xpvm-0omdc01xmy/hostAddress=s:192.168.1.125
2x  *1/$4
2x  brandId=s:vykon/};;
2x  app.name=s:Workbench/app.version=s:3.7.44
2x  hostId=s:Win-99CB-D49D-5442-07BB/vmUuid=s:8b530bc8-76c5-4139-a2ea-0fabd394d305
2x  lang=s:en/timeZone=s:America/Los_Angeles;-28800000;3600000;0
2x  os.name=s:Windows XP/os.version=s:5.1
2x  vm.name=s:Java HotSpot(TM) Server VM/vm.version=s:20.4-b02
2x  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.3/Content-Length: 145
1x  POST /ipp HTTP/1.1/Host: 15.235.184.72:23
Executed Commands
4x  $ Accept-Encoding: gzip
2x  $ os.name=s:Windows XP
2x  $ vm.name=s:Java HotSpot(TM) Server VM
1x  $ os.version=s:5.1
1x  $ 3600000
1x  $ brandId=s:vykon
1x  $ vm.version=s:20.4-b02
1x  $ 02:00:00.000,wall,march,8,on or after,sunday,undefined
1x  $ -28800000
1x  $ hostName=s:xpvm-0omdc01xmy
Risk Assessment
85/100 (scale: Low, Medium, High, Critical)