Ameaca Ativa • CRITICO
121.40.44.5
Pais de Origem🇨🇳 China
Primeira Deteccao31/12/2025
Ultima Atividade27/03/2026
ISPHangzhou Alibaba Advertising Co.,Ltd.
🎯
223
Ataques Totais
🔌
40
Portas
📡
6
Tipos de Ataque
🦠
1
Malware
Geolocalizacao
- Pais
- 🇨🇳 China
- Cidade
- Hangzhou
- ASN
- AS37963
- ISP
- Hangzhou Alibaba Advertising Co.,Ltd.
Tipos de Ataque
ssh_telnet_honeypot
voip_honeypot
elasticsearch_honeypot
malware_capture
web_honeypot
tcp_trap
Portas Atacadas
212223808144510571060110018812021202222522253369144215060750180278211+20
Malware Associado
Credenciais Tentadas
🔐Call-ID: 50000/CSeq: 42 OPTIONS
1x🔐Contact: <sip:ad@ba>/Accept: application/sdp
1x🔐Max-Forwards: 70/Content-Length: 0
1x🔐b'0\x84\x00\x00\x00-\x02\x01\x07c\x84\x00\x00\x00$\x04\x00'/
1x🔐OPTIONS / HTTP/1.0/(vazio)
1x🔐GET /temp%20files%2C/Def%61ult.txt%2etxt HTTP/1.0/(vazio)
1x🔐GET / HTTP/1.0/(vazio)
1x🔐OPTIONS / RTSP/1.0/(vazio)
1x🔐From: <sip:ad@ba>;tag=root/To: <sip:ad3@ba1>
1x🔐OPTIONS sip:ks SIP/2.0/Via: SIP/2.0/TCP ks;branch=foo
1xExposicao Shodan InternetDBShodan
Dados InternetDB, nao em tempo real
Portas
1719235395104119221264311389465503513548554636853873943992109911191177123413441414144314551515
Vulnerabilidades
CVE-2019-6111CVE-2021-41617CVE-2023-38408CVE-2023-51385CVE-2019-6110CVE-2025-23419CVE-2016-20012CVE-2019-16905CVE-2020-15778CVE-2019-6109CVE-2021-36368CVE-2023-48795CVE-2023-51767CVE-2018-15919CVE-2008-3844CVE-2025-32728CVE-2024-6387CVE-2020-14145CVE-2007-2768CVE-2023-44487
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:f5:nginx:1.22.1cpe:/a:openbsd:openssh:7.9cpe:/a:openbsd:openssh:7.4cpe:/a:realvnc:realvnc:::enterprisecpe:/o:hp:hp-uxcpe:/a:openbsd:openssh:7.5cpe:/a:mysql:mysql:5.7.44-logcpe:/a:openbsd:openssh:8.2p1cpe:/a:openbsd:openssh:8.6cpe:/a:openbsd:openssh:6.6.1cpe:/a:openbsd:openssh:X.Xcpe:/o:microsoft:windows
Avaliacao de Risco
90
/100
BaixoMedioAltoCritico