TROYANOSYVIRUS
Active ThreatMEDIUM

104.248.129.184

Country of Origin🇩🇪 Germany
First Detection3/17/2026
Last Activity3/28/2026
ISPDigitalOcean, LLC
🎯
67
Total Attacks
🔌
2
Ports
📡
2
Attack Types
🦠
2
Malware

Geolocation

Country
🇩🇪 Germany
City
Frankfurt am Main
ASN
AS14061
ISP
DigitalOcean, LLC

Attack Types

ssh_telnet_honeypot
tcp_trap

Attacked Ports

238086

Associated Malware

681f349b748238b3f571...e3b0c44298fc1c149afb...

Attempted Credentials

🔐OPTIONS / HTTP/1.0/(empty)
1x
🔐GET / HTTP/1.0/(empty)
1x
🔐OPTIONS / RTSP/1.0/(empty)
1x
🔐OPTIONS sip:nm SIP/2.0/Via: SIP/2.0/TCP nm;branch=foo
1x

Executed Commands

$Accept: application/sdp2x
$Call-ID: 500002x
$CSeq: 42 OPTIONS2x
$Max-Forwards: 702x
$To: < sip:nm2@nm2 >1x
$Contact: < sip:nm@nm >1x
$From: < sip:nm@nm >; tag=root1x
$Content-Length: 01x
$Contact: <sip:nm@nm>1x
$From: <sip:nm@nm>;tag=root1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Risk Assessment

55
/100
LowMediumHighCritical