Active Threat • LOW

57.129.54.69

Country of Origin🇩🇪 Germany

First Detection4/15/2026

Last Activity4/15/2026

ISPOVH SAS

🎯

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇩🇪 Germany
City: Frankfurt am Main
ASN: AS16276
ISP: OVH SAS

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

12769e8c909dbd615d16...→

Attempted Credentials

🔐root/ubuntu

🔐root/debian

🔐root/centos

Executed Commands

chmod +x ./.8693076074330131308/sshd;nohup ./.8693076074330131308/sshd 106.119.154.53 16.52.77.187 88.151.34.218 103.252.92.207 89.167.124.18 172.104.96.58 51.38.187.37 117.89.254.46 161.129.211.64 134.122.155.131 45.41.207.162 16.52.75.137 77.239.112.102 153.99.92.247 213.109.202.5 185.237.14.75 77.239.108.0 213.35.127.211 88.80.103.218 58.251.255.44 52.23.239.99 1.53.110.158 16.16.77.239 116.26.5.145 46.225.191.94 13.61.18.20 147.45.158.109 176.65.132.127 139.59.94.6 43.242.225.20 93.88.205.19

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

222553801101111434434655879939953128

Vulnerabilities

CVE-2023-44487CVE-2025-23419

Hostnames

proxcode.madardev.commail.madardev.com

CPEs

cpe:/a:f5:nginx:1.22.1

Risk Assessment

/100

LowMediumHighCritical