TROYANOSYVIRUS
Active ThreatLOW

89.248.173.137

Country of Origin🇳🇱 Netherlands
First Detection5/1/2026
Last Activity5/1/2026
ISPIP Volume inc
🎯
1,308
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
0
Malware

Geolocation

Country
🇳🇱 Netherlands
City
Amsterdam
ASN
AS202425
ISP
IP Volume inc

Attack Types

ssh_telnet_honeypot

Attacked Ports

23

Associated Malware

No associated malware

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
225380110111143587993995208220832086208720963306
Vulnerabilities
CVE-2022-3620CVE-2023-51767CVE-2018-15919CVE-2023-51385CVE-2021-41617CVE-2021-36368CVE-2023-38408CVE-2017-15906CVE-2025-30232CVE-2007-2768CVE-2022-3559CVE-2025-32728CVE-2023-48795CVE-2025-67896CVE-2023-51766CVE-2024-39929CVE-2026-35414CVE-2020-14145CVE-2019-6109CVE-2019-6111
Hostnames
www.server.apkserver2.comserver.apkserver2.comno-reverse-dns-configured.comcpanel.server.apkserver2.comcpcalendars.server.apkserver2.comautodiscover.server.apkserver2.comwebmail.server.apkserver2.commail.server.apkserver2.comipv6.server.apkserver2.comwhm.server.apkserver2.comcpcontacts.server.apkserver2.comautoconfig.server.apkserver2.comwebdisk.server.apkserver2.com
CPEs
cpe:/a:cpanel:whmcpe:/a:cpanel:cpanelcpe:/a:exim:exim:4.96.2cpe:/a:openbsd:openssh:7.4cpe:/a:oracle:mysql

Risk Assessment

35
/100
LowMediumHighCritical