TROYANOSYVIRUS
Active ThreatHIGH

206.189.63.131

Country of Origin🇩🇪 Germany
First Detection5/3/2026
Last Activity5/4/2026
ISPDigitalOcean, LLC
🎯
89
Total Attacks
🔌
4
Ports
📡
4
Attack Types
🦠
1
Malware

Geolocation

Country
🇩🇪 Germany
City
Frankfurt am Main
ASN
AS14061
ISP
DigitalOcean, LLC

Attack Types

tcp_trap
ssh_telnet_honeypot
printer_honeypot
web_honeypot

Attacked Ports

2380443631

Associated Malware

9d1e0e2d9459d06523ad...

Attempted Credentials

🔐User-Agent: Go-http-client/1.1/Connection: close
12x
🔐GET /v2/_catalog HTTP/1.1/Host: 146.59.94.170:23
3x
🔐GET /query?q=SHOW+DIAGNOSTICS HTTP/1.1/Host: 146.59.94.170:23
3x
🔐GET /solr/admin/cores?action=STATUS&wt=json HTTP/1.1/Host: 146.59.94.170:23
3x
🔐GET /solr/admin/info/system HTTP/1.1/Host: 146.59.94.170:23
3x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
2280443
Hostnames
s-af75493732b5e0eb.de.vpnshieldapp.com
CPEs
cpe:/a:caddyserver:caddycpe:/a:openbsd:openssh:9.6p1cpe:/o:canonical:ubuntu_linuxcpe:/a:golang:go

Risk Assessment

60
/100
LowMediumHighCritical