Active Threat • MEDIUM
77.54.41.203
Country of Origin🇵🇹 PT
First Detection4/17/2026
Last Activity4/17/2026
ISPVodafone Portugal - Communicacoes Pessoais S.A.
🎯
263
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
21
Malware
Geolocation
- Country
- 🇵🇹 PT
- City
- Porto
- ASN
- AS12353
- ISP
- Vodafone Portugal - Communicacoes Pessoais S.A.
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐345gs5662d34/345gs5662d34
2x🔐root/Redhat@123
1x🔐root/qazwsx2022$
1x🔐root/qazwsx12345678#
1x🔐root/qazwsx000@123
1x🔐postgres/00local22
1x🔐ubuntu/Qwer1234
1x🔐ubuntu/1qaz#EDC
1x🔐cyber/cyber
1x🔐john/changeme
1x🔐root/zxcvbnmm
1x🔐deploy/Frappe14!
1x🔐ftpuser/ftpuser25!
1x🔐root/Admin@2025
1x🔐test/test27
1xExecuted Commands
$
Enter new UNIX password:4x$
ls -lh $(which ls)2x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x$
uname -a2x$
w2x$
cat /proc/cpuinfo | grep name | wc -l2x$
crontab -l2x$
cat /proc/cpuinfo | grep model | grep name | wc -l2x$
which ls2x$
cd ~; chattr -ia .ssh; lockr -ia .ssh2xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
2280814435353808190009443
Hostnames
203.41.54.77.rev.vodafone.pt
CPEs
cpe:/a:openresty:openrestycpe:/a:getbootstrap:bootstrap:3.4.1cpe:/a:portainer:portainer:2.33.3cpe:/a:angularjs:angular.jscpe:/a:openbsd:openssh:9.6p1cpe:/a:f5:nginxcpe:/o:canonical:ubuntu_linux
Risk Assessment
55
/100
LowMediumHighCritical