City: unknown
Region: unknown
Country: Portugal
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '109.105.210.0 - 109.105.210.255'
% Abuse contact for '109.105.210.0 - 109.105.210.255' is 'optout@internet-census.org'
inetnum: 109.105.210.0 - 109.105.210.255
netname: ICG-ZEN-DFW
descr: ICG-ZEN-DFW
country: US
org: ORG-NSIS5-RIPE
admin-c: AR59913-RIPE
tech-c: AR59913-RIPE
abuse-c: AR59913-RIPE
status: ASSIGNED PA
mnt-by: MNT-BST
created: 2025-07-15T18:21:51Z
last-modified: 2025-09-23T12:34:27Z
source: RIPE
remarks: https://internet-census.org
remarks: Internet Census Group seeks to measure the global Internet with non-intrusive data collection techniques in order to analyze trends and benchmark security performance across a broad range of industries
remarks: We are committed to upholding the security and privacy of the entire online community. As part of that mission, we maintain a list of entities that have contacted us and wish to prevent us from attempting to access their addresses or ports
remarks: To have your IP address added to this list, provide us with the IP addresses you wish to remove via email to: optout@internet-census.org
remarks: Please continue to update us if your IP addresses or networks change so we can continue to keep you opted out. You will receive a confirmation email when completed
organisation: ORG-NSIS5-RIPE
org-name: NSEC - Sistemas Informaticos, S.A.
country: PT
org-type: LIR
address: 111 Huntington Ave Suite 2010
address: MA 02199
address: Boston
address: UNITED STATES
phone: +351217252110
admin-c: DOT14-RIPE
tech-c: DOT14-RIPE
abuse-c: AR59913-RIPE
mnt-ref: MNT-BST
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MNT-BST
created: 2020-02-21T08:44:11Z
last-modified: 2021-05-12T21:00:19Z
source: RIPE # Filtered
role: Abuse-C Role
address: Operations for Internet Census Group
address: https://internet-census.org
nic-hdl: AR59913-RIPE
abuse-mailbox: optout@internet-census.org
mnt-by: MNT-BST
created: 2020-02-21T08:44:10Z
last-modified: 2021-03-12T21:58:21Z
source: RIPE # Filtered
% Information related to '109.105.210.0/24AS21859'
route: 109.105.210.0/24
origin: AS21859
mnt-by: MNT-BST
created: 2025-08-07T21:23:18Z
last-modified: 2025-08-07T21:23:18Z
source: RIPE
% This query was served by the RIPE Database Query Service version 1.121.2 (DEXTER); <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.105.210.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41628
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;109.105.210.62. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026040600 1800 900 604800 86400
;; Query time: 4 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 06 18:30:21 CST 2026
;; MSG SIZE rcvd: 10762.210.105.109.in-addr.arpa domain name pointer zl-dfwc-us-gp1-wk108a.internet-census.org.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
62.210.105.109.in-addr.arpa name = zl-dfwc-us-gp1-wk108a.internet-census.org.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 193.112.16.245 | attackbotsspam | Aug 16 00:04:15 OPSO sshd\[7210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.16.245 user=root Aug 16 00:04:17 OPSO sshd\[7210\]: Failed password for root from 193.112.16.245 port 54392 ssh2 Aug 16 00:07:12 OPSO sshd\[7920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.16.245 user=root Aug 16 00:07:15 OPSO sshd\[7920\]: Failed password for root from 193.112.16.245 port 43578 ssh2 Aug 16 00:10:12 OPSO sshd\[8939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.16.245 user=root |
2020-08-16 08:23:40 |
| 183.82.121.34 | attackspam | Aug 16 02:29:22 mintao sshd\[30921\]: Address 183.82.121.34 maps to broadband.actcorp.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!\ Aug 16 02:29:22 mintao sshd\[30921\]: Invalid user loguser from 183.82.121.34\ |
2020-08-16 08:33:47 |
| 122.14.228.229 | attackspam | SSH brute-force attempt |
2020-08-16 08:39:27 |
| 91.121.164.188 | attackbotsspam | Aug 16 02:21:04 buvik sshd[2340]: Failed password for root from 91.121.164.188 port 35040 ssh2 Aug 16 02:24:33 buvik sshd[2783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.164.188 user=root Aug 16 02:24:36 buvik sshd[2783]: Failed password for root from 91.121.164.188 port 45428 ssh2 ... |
2020-08-16 08:26:01 |
| 137.27.187.66 | attackspambots | Aug 15 14:25:46 castrum sshd[10643]: Invalid user admin from 137.27.187.66 Aug 15 14:25:49 castrum sshd[10643]: Failed password for invalid user admin from 137.27.187.66 port 38294 ssh2 Aug 15 14:25:49 castrum sshd[10643]: Received disconnect from 137.27.187.66: 11: Bye Bye [preauth] Aug 15 14:25:49 castrum sshd[10645]: Invalid user admin from 137.27.187.66 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=137.27.187.66 |
2020-08-16 08:29:47 |
| 181.75.75.227 | attackbots | Lines containing failures of 181.75.75.227 Aug 15 22:31:18 own sshd[19362]: Did not receive identification string from 181.75.75.227 port 58137 Aug 15 22:31:23 own sshd[19372]: Invalid user sniffer from 181.75.75.227 port 58637 Aug 15 22:31:23 own sshd[19372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.75.75.227 Aug 15 22:31:26 own sshd[19372]: Failed password for invalid user sniffer from 181.75.75.227 port 58637 ssh2 Aug 15 22:31:26 own sshd[19372]: Connection closed by invalid user sniffer 181.75.75.227 port 58637 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.75.75.227 |
2020-08-16 08:47:57 |
| 36.91.76.171 | attack | Aug 15 14:17:25 mockhub sshd[29834]: Failed password for root from 36.91.76.171 port 59524 ssh2 ... |
2020-08-16 08:16:50 |
| 222.186.190.2 | attackspambots | Aug 15 17:19:58 dignus sshd[2938]: Failed password for root from 222.186.190.2 port 52204 ssh2 Aug 15 17:20:01 dignus sshd[2938]: Failed password for root from 222.186.190.2 port 52204 ssh2 Aug 15 17:20:05 dignus sshd[2938]: Failed password for root from 222.186.190.2 port 52204 ssh2 Aug 15 17:20:08 dignus sshd[2938]: Failed password for root from 222.186.190.2 port 52204 ssh2 Aug 15 17:20:12 dignus sshd[2938]: Failed password for root from 222.186.190.2 port 52204 ssh2 ... |
2020-08-16 08:22:26 |
| 185.86.77.163 | attackbotsspam | 185.86.77.163 - - [16/Aug/2020:00:55:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.86.77.163 - - [16/Aug/2020:00:55:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.86.77.163 - - [16/Aug/2020:00:55:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2037 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-16 08:39:03 |
| 159.65.185.253 | attack | Automatic report generated by Wazuh |
2020-08-16 08:27:33 |
| 218.92.0.168 | attack | 2020-08-16T07:00:29.185617afi-git.jinr.ru sshd[21116]: Failed password for root from 218.92.0.168 port 51601 ssh2 2020-08-16T07:00:32.626257afi-git.jinr.ru sshd[21116]: Failed password for root from 218.92.0.168 port 51601 ssh2 2020-08-16T07:00:35.984755afi-git.jinr.ru sshd[21116]: Failed password for root from 218.92.0.168 port 51601 ssh2 2020-08-16T07:00:35.984882afi-git.jinr.ru sshd[21116]: error: maximum authentication attempts exceeded for root from 218.92.0.168 port 51601 ssh2 [preauth] 2020-08-16T07:00:35.984897afi-git.jinr.ru sshd[21116]: Disconnecting: Too many authentication failures [preauth] ... |
2020-08-16 12:04:03 |
| 74.102.28.162 | attackbotsspam | ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 23 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-16 08:18:44 |
| 181.210.19.228 | attack | 2020-08-16T05:51:30.404631ns386461 sshd\[17853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.210.19.228 user=root 2020-08-16T05:51:31.634570ns386461 sshd\[17853\]: Failed password for root from 181.210.19.228 port 55348 ssh2 2020-08-16T05:54:46.872284ns386461 sshd\[21036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.210.19.228 user=root 2020-08-16T05:54:49.343150ns386461 sshd\[21036\]: Failed password for root from 181.210.19.228 port 54786 ssh2 2020-08-16T05:57:00.287498ns386461 sshd\[23173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.210.19.228 user=root ... |
2020-08-16 12:08:35 |
| 159.65.146.72 | attackspambots | 159.65.146.72 - - [15/Aug/2020:21:42:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.146.72 - - [15/Aug/2020:21:42:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.146.72 - - [15/Aug/2020:21:42:20 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-16 08:42:22 |
| 222.186.175.183 | attackbotsspam | Aug 16 05:59:50 ip106 sshd[3531]: Failed password for root from 222.186.175.183 port 56404 ssh2 Aug 16 05:59:53 ip106 sshd[3531]: Failed password for root from 222.186.175.183 port 56404 ssh2 ... |
2020-08-16 12:02:05 |