Active Threat β’ MEDIUM
49.51.251.6
Country of OriginπΊπΈ United States
First Detection4/30/2026
Last Activity4/30/2026
ISPTencent Building, Kejizhongyi Avenue
π―
219
Total Attacks
π
1
Ports
π‘
1
Attack Types
π¦
19
Malware
Geolocation
- Country
- πΊπΈ United States
- City
- Santa Clara
- ASN
- AS132203
- ISP
- Tencent Building, Kejizhongyi Avenue
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
πtestadmin/P@ssw0rd
1xπuserdb/123456
1xπtesttest/testtest123
1xπtest/3245gs5662d34
1xπubuntu/superroot
1xπtester/1234
1xπwebadmin/w3b4dm1n
1xπsampserver/sampserver
1xπtest/changeme
1xπtest/88888888
1xπtestuser/123
1xπgit/2
1xπuser/qwert12345
1xπubuntu/Aa123456
1xπtest/Qwerty123
1xExecuted Commands
$
Enter new UNIX password:2x$
ls -lh $(which ls)1x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x$
uname -a1x$
echo "88888888\nke0k5163EBC6\nke0k5163EBC6\n"|passwd1x$
w1x$
cat /proc/cpuinfo | grep name | wc -l1x$
crontab -l1x$
cat /proc/cpuinfo | grep model | grep name | wc -l1x$
which ls1xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
22
Vulnerabilities
CVE-2023-48795CVE-2023-38408CVE-2024-6387CVE-2023-51385CVE-2023-51767CVE-2025-26465CVE-2008-3844CVE-2025-32728CVE-2023-51384CVE-2007-2768
CPEs
cpe:/a:openbsd:openssh:9.3
Risk Assessment
55
/100
LowMediumHighCritical