Active Threat • HIGH
94.156.221.46
🎯
331
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
22
Malware
Geolocation
- Country
- 🇧🇬 BG
- City
- Sofia
- ASN
- AS34224
- ISP
- Neterra Ltd.
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐345gs5662d34/345gs5662d34
2x🔐root/admin01.
1x🔐certftp/123456
1x🔐root/Qazwsx11111111@@
1x🔐root/1Qwer
1x🔐sdc/sdc
1x🔐root/root23!
1x🔐nora/norapass
1x🔐wang/1
1x🔐qiyuesuo/qiyuesuo123!
1x🔐root/QWER!
1x🔐root/Cq123456@
1x🔐root/3245gs5662d34
1x🔐root/Ly123456.
1x🔐new/New123!
1xExecuted Commands
$
cd ~; chattr -ia .ssh; lockr -ia .ssh2x$
ls -lh $(which ls)2x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x$
uname -a2x$
w2x$
cat /proc/cpuinfo | grep name | wc -l2x$
crontab -l2x$
cat /proc/cpuinfo | grep model | grep name | wc -l2x$
which ls2x$
Enter new UNIX password:2xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
111123443330633060
Vulnerabilities
CVE-2025-50101CVE-2024-21127CVE-2024-21134CVE-2024-21129CVE-2025-50086CVE-2024-21239CVE-2024-21198CVE-2024-21125CVE-2024-21087CVE-2024-21231CVE-2024-21047CVE-2024-21193CVE-2025-50100CVE-2024-21236CVE-2024-21135CVE-2024-21160CVE-2024-21130CVE-2024-21247CVE-2024-21230CVE-2024-21102
Hostnames
pcloud.com94.156.221.46.neterra.net
CPEs
cpe:/a:jenkins:mattermostcpe:/a:ntp:ntp:3cpe:/a:oracle:mysql:8.0.36cpe:/a:f5:nginx:1.22.1cpe:/a:golang:gocpe:/a:facebook:react
Risk Assessment
65
/100
LowMediumHighCritical