TROYANOSYVIRUS
Active ThreatMEDIUM

185.93.89.152

Country of Origin🇮🇷 Iran
First Detection4/6/2026
Last Activity4/9/2026
ISPLimited Network LTD
🎯
2,676
Total Attacks
🔌
2
Ports
📡
2
Attack Types
🦠
0
Malware

Geolocation

Country
🇮🇷 Iran
City
Unknown
ASN
AS213790
ISP
Limited Network LTD

Attack Types

tcp_trap
credential_capture

Attacked Ports

10803128

Associated Malware

No associated malware

Attempted Credentials

🔐administrator/password
4x
🔐admin/password
4x
🔐cisco/cisco
4x
🔐vagrant/vagrant
3x
🔐admin/786
3x
🔐user/password
3x
🔐backup/B@ckup!
2x
🔐administrator/abc123$
2x
🔐workflow/workflow
2x
🔐auduser/SUNRISE
2x
🔐finance/Password1!
2x
🔐jennifer/Password!
2x
🔐reception/Reception
2x
🔐ntsec_admin/Qine4O3nY
2x
🔐john/Pa55w0rd
2x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
13513744344533895985
Vulnerabilities
CVE-2020-0796
Hostnames
hostikslu.is
CPEs
cpe:/a:f5:nginx:1.29.7

Risk Assessment

50
/100
LowMediumHighCritical