TROYANOSYVIRUS
Active ThreatLOW

216.238.85.54

Country of Origin🇲🇽 Mexico
First Detection5/2/2026
Last Activity5/3/2026
ISPThe Constant Company, LLC
🎯
6,482
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
0
Malware

Geolocation

Country
🇲🇽 Mexico
City
Querétaro City
ASN
AS20473
ISP
The Constant Company, LLC

Attack Types

ssh_telnet_honeypot

Attacked Ports

22

Associated Malware

No associated malware

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
2580110143993995330641908089
Vulnerabilities
CVE-2019-9639CVE-2014-8142CVE-2019-1547CVE-2017-7679CVE-2015-4644CVE-2024-47252CVE-2015-3414CVE-2015-4148CVE-2015-6835CVE-2019-1552CVE-2016-7132CVE-2021-32786CVE-2006-20001CVE-2011-2688CVE-2015-4600CVE-2015-3412CVE-2015-2331CVE-2017-7890CVE-2015-6837CVE-2013-7345
Hostnames
216.238.85.54.vultrusercontent.com
CPEs
cpe:/a:mariadb:mariadb:5.5.68-MariaDBcpe:/a:apache:http_server:2.4.6cpe:/a:php:php:5.4.16cpe:/a:openssl:openssl:1.0.2kcpe:/a:postfix:postfixcpe:/o:centos:centos

Risk Assessment

35
/100
LowMediumHighCritical