TROYANOSYVIRUS
Active ThreatLOW

116.204.110.245

Country of Origin🇨🇳 China
First Detection4/28/2026
Last Activity4/28/2026
ISPHuawei Cloud Service data center
🎯
30
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
1
Malware

Geolocation

Country
🇨🇳 China
City
Beijing
ASN
AS55990
ISP
Huawei Cloud Service data center

Attack Types

ssh_telnet_honeypot

Attacked Ports

22

Associated Malware

6fa4c8ac58e7a1d947dc...

Attempted Credentials

🔐root/---fuck_you----
2x
🔐root/root123456
1x
🔐root/h3c.com!
1x

Executed Commands

$uname -s -m1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
224433306637990009001
Vulnerabilities
CVE-2021-2180CVE-2020-14790CVE-2021-35643CVE-2024-21137CVE-2024-21166CVE-2021-2304CVE-2021-2022CVE-2021-2193CVE-2021-2002CVE-2020-14893CVE-2024-21162CVE-2023-22068CVE-2022-21265CVE-2024-20985CVE-2022-21287CVE-2022-21286CVE-2021-35632CVE-2021-35546CVE-2022-21355CVE-2022-21284
Hostnames
www.jinli8.commail.fnrmitx.cnjinli8.com
CPEs
cpe:/a:minio:miniocpe:/a:oracle:mysql:8.0.21cpe:/a:redislabs:rediscpe:/a:openbsd:openssh:7.4cpe:/a:f5:nginx:1.25.5

Risk Assessment

25
/100
LowMediumHighCritical