TROYANOSYVIRUS
Active Threat β€’ LOW

47.253.138.43

First Detection4/30/2026
Last Activity4/30/2026
ISPAlibaba US Technology Co., Ltd.
🎯
100
Total Attacks
πŸ”Œ
1
Ports
πŸ“‘
1
Attack Types
🦠
1
Malware

Geolocation

Country
πŸ‡ΊπŸ‡Έ United States
City
Unknown
ASN
AS45102
ISP
Alibaba US Technology Co., Ltd.

Attack Types

ssh_telnet_honeypot

Attacked Ports

22

Associated Malware

7ab552f01de999cb1209...β†’

Attempted Credentials

πŸ”amir/123456
1x
πŸ”elasticsearch/elasticsearch@1234
1x
πŸ”data/data
1x
πŸ”root/abcd@1234
1x
πŸ”admin2/admin2
1x
πŸ”init/init
1x
πŸ”frappe/frappe
1x
πŸ”frappe/frappe@123
1x
πŸ”adminuser/adminuser
1x
πŸ”playground/playground
1x
πŸ”backup/backup
1x
πŸ”azureuser/azureuser
1x
πŸ”nginx/nginx123
1x
πŸ”sonar/123456
1x
πŸ”esroot/esroot
1x

Executed Commands

$uname -s -v -n -r -m2x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
22443
Hostnames
www.test-laban.cleandefuse.comtest-laban.cleandefuse.com
CPEs
cpe:/a:openbsd:openssh:9.2p1cpe:/o:debian:debian_linuxcpe:/o:linux:linux_kernel

Risk Assessment

35
/100
LowMediumHighCritical
IP 47.253.138.43 - Detected Threat | TroyanosYVirus.com | TroyanosYVirus.com