City: unknown
Region: Noord Holland
Country: The Netherlands
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '89.42.231.0 - 89.42.231.255'
% Abuse contact for '89.42.231.0 - 89.42.231.255' is 'abuse@koddos.com'
inetnum: 89.42.231.0 - 89.42.231.255
netname: SC-AMARUTU-20051129
country: NL
org: ORG-ATL58-RIPE
admin-c: RL11970-RIPE
tech-c: RL11970-RIPE
status: ALLOCATED PA
mnt-by: sc-amarutu-1-mnt
mnt-by: RIPE-NCC-HM-MNT
created: 2024-12-20T07:53:18Z
last-modified: 2024-12-20T07:53:18Z
source: RIPE
organisation: ORG-ATL58-RIPE
org-name: Amarutu Technology Ltd
country: SC
org-type: LIR
address: Level 23, One Island East, 18 Westlands Road.
address: N/A
address: Hong Kong
address: HONG KONG
phone: +2484225244
reg-nr: 189024
admin-c: RL11970-RIPE
tech-c: RL11970-RIPE
abuse-c: AR39335-RIPE
mnt-ref: sc-amarutu-1-mnt
mnt-by: RIPE-NCC-HM-MNT
mnt-by: sc-amarutu-1-mnt
created: 2017-02-20T15:55:54Z
last-modified: 2026-04-29T05:37:09Z
source: RIPE # Filtered
person: Ronald Linco
address: Level 23, One Island East, 18 Westlands Road.
address: N/A
address: Hong Kong
address: HONG KONG
phone: +2484225244
nic-hdl: RL11970-RIPE
mnt-by: sc-amarutu-1-mnt
created: 2017-02-20T15:55:54Z
last-modified: 2017-02-20T15:55:54Z
source: RIPE
% Information related to '89.42.231.0/24AS206264'
route: 89.42.231.0/24
origin: AS206264
descr: Amarutu Technology Ltd. Network
mnt-by: sc-amarutu-1-mnt
created: 2024-12-25T04:28:03Z
last-modified: 2024-12-25T04:28:03Z
source: RIPE
% This query was served by the RIPE Database Query Service version 1.122 (SHETLAND); <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.42.231.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3497
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;89.42.231.109. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026043001 1800 900 604800 86400
;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 00:30:02 CST 2026
;; MSG SIZE rcvd: 106Host 109.231.42.89.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 109.231.42.89.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 72.42.170.60 | attackspambots | Invalid user aleksey from 72.42.170.60 port 35284 |
2020-09-10 01:40:49 |
| 211.159.218.251 | attackspambots | ... |
2020-09-10 01:57:33 |
| 104.248.71.7 | attackbotsspam | prod8 ... |
2020-09-10 02:12:21 |
| 52.156.169.35 | attackspam | Sep 7 16:39:29 pl3server postfix/smtpd[3345]: connect from unknown[52.156.169.35] Sep 7 16:39:29 pl3server postfix/smtpd[3345]: connect from unknown[52.156.169.35] Sep 7 16:39:31 pl3server postfix/smtpd[3345]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: authentication failure Sep 7 16:39:31 pl3server postfix/smtpd[3345]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: authentication failure Sep 7 16:39:31 pl3server postfix/smtpd[3345]: disconnect from unknown[52.156.169.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Sep 7 16:39:31 pl3server postfix/smtpd[3345]: disconnect from unknown[52.156.169.35] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Sep 7 16:54:35 pl3server postfix/smtpd[16239]: connect from unknown[52.156.169.35] Sep 7 16:54:35 pl3server postfix/smtpd[16239]: connect from unknown[52.156.169.35] Sep 7 16:54:37 pl3server postfix/smtpd[16239]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: authe........ ------------------------------- |
2020-09-10 01:38:08 |
| 93.137.173.177 | attack | 93.137.173.177 (HR/Croatia/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 00:28:23 server5 sshd[15555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.86.120 user=root Sep 9 00:28:25 server5 sshd[15555]: Failed password for root from 122.51.86.120 port 60622 ssh2 Sep 9 00:31:58 server5 sshd[17168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.148.38.26 user=root Sep 9 00:23:23 server5 sshd[13452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.144.48.34 user=root Sep 9 00:23:25 server5 sshd[13452]: Failed password for root from 59.144.48.34 port 39103 ssh2 Sep 9 00:21:25 server5 sshd[12582]: Failed password for root from 93.137.173.177 port 53810 ssh2 IP Addresses Blocked: 122.51.86.120 (CN/China/-) 185.148.38.26 (RU/Russia/-) 59.144.48.34 (IN/India/-) |
2020-09-10 02:12:54 |
| 186.146.1.186 | attackspambots | k+ssh-bruteforce |
2020-09-10 02:00:13 |
| 51.91.159.46 | attackbots | ... |
2020-09-10 01:46:26 |
| 37.187.142.169 | attackbots | Sep 9 19:06:03 lavrea sshd[135521]: Invalid user ubicatu from 37.187.142.169 port 50740 ... |
2020-09-10 01:29:00 |
| 23.129.64.216 | attack | Sep 9 23:35:50 itv-usvr-01 sshd[32583]: Invalid user admin from 23.129.64.216 Sep 9 23:35:51 itv-usvr-01 sshd[32583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.216 Sep 9 23:35:50 itv-usvr-01 sshd[32583]: Invalid user admin from 23.129.64.216 Sep 9 23:35:53 itv-usvr-01 sshd[32583]: Failed password for invalid user admin from 23.129.64.216 port 45940 ssh2 Sep 9 23:35:56 itv-usvr-01 sshd[32585]: Invalid user admin from 23.129.64.216 |
2020-09-10 02:02:09 |
| 103.19.58.23 | attackspambots | SSH invalid-user multiple login try |
2020-09-10 02:05:27 |
| 175.24.74.188 | attackbotsspam | Sep 9 10:58:57 root sshd[31760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.74.188 Sep 9 10:58:59 root sshd[31760]: Failed password for invalid user panda from 175.24.74.188 port 34050 ssh2 ... |
2020-09-10 02:00:47 |
| 188.152.100.60 | attack | 188.152.100.60 (IT/Italy/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 12:32:28 server2 sshd[6986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.227.196 user=root Sep 9 12:32:30 server2 sshd[6986]: Failed password for root from 68.183.227.196 port 39044 ssh2 Sep 9 12:34:31 server2 sshd[7985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.27.90 user=root Sep 9 12:32:23 server2 sshd[6933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.254.135.76 user=root Sep 9 12:32:24 server2 sshd[6933]: Failed password for root from 195.254.135.76 port 37273 ssh2 Sep 9 12:33:50 server2 sshd[7581]: Failed password for root from 188.152.100.60 port 45106 ssh2 IP Addresses Blocked: 68.183.227.196 (SG/Singapore/-) 49.234.27.90 (CN/China/-) 195.254.135.76 (RO/Romania/-) |
2020-09-10 01:49:16 |
| 45.19.106.95 | attackspambots | port scan and connect, tcp 443 (https) |
2020-09-10 01:53:51 |
| 122.51.211.131 | attackspam | Sep 9 07:15:51 ns382633 sshd\[17969\]: Invalid user temp1 from 122.51.211.131 port 41456 Sep 9 07:15:51 ns382633 sshd\[17969\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.211.131 Sep 9 07:15:53 ns382633 sshd\[17969\]: Failed password for invalid user temp1 from 122.51.211.131 port 41456 ssh2 Sep 9 07:25:15 ns382633 sshd\[19436\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.211.131 user=root Sep 9 07:25:16 ns382633 sshd\[19436\]: Failed password for root from 122.51.211.131 port 54336 ssh2 |
2020-09-10 01:56:30 |
| 128.199.30.219 | attack | Brute Force |
2020-09-10 02:01:26 |