Active Threat • LOW

77.42.34.184

Country of Origin🇫🇮 FI

First Detection3/28/2026

Last Activity3/28/2026

ISPHetzner Online GmbH

🎯

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇫🇮 FI
City: Helsinki
ASN: AS24940
ISP: Hetzner Online GmbH

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

1b20a210fe96e5a8abc3...→a6ee2c8711434300fa8b...→

Attempted Credentials

🔐root/root

🔐admin/admin2026

🔐root/1234567890

🔐root/123

🔐root/qwerty123

🔐admin/admin

🔐admin/admin123

🔐root/root1

🔐root/admin123

🔐root/password1

🔐root/1234

Executed Commands

$cat /proc/uptime 2 > /dev/null | cut -d. -f14x

$uname -s -v -n -m 2 > /dev/null2x

$uname -m 2 > /dev/null2x

export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null); arch=$(uname -m 2>/dev/null); uptime=$(cat /proc/uptime 2>/dev/null | cut -d. -f1); cpus=$( (nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || grep -c "^processor" /proc/cpuinfo 2>/dev/null) | head -1); cpu_model=$( (grep -m1 -E "model name|Hardware" /proc/cpuinfo | cut -d: -f2- | sed 's/^ *//;s/ *$//' ; lscpu 2>/dev/null | awk -F: '/Model name/ {gsub(/^ +| +$/,"",$2); print $

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports

30008080

Hostnames

static.184.34.42.77.clients.your-server.de

CPEs

cpe:/a:expressjs:expresscpe:/a:nodejs:node.js

Risk Assessment

/100

LowMediumHighCritical