Active Threat • CRITICAL
89.42.231.182
Country of Origin🇳🇱 Netherlands
First Detection1/4/2026
Last Activity3/26/2026
ISPAmarutu Technology Ltd
🎯
1,173
Total Attacks
🔌
100
Ports
📡
14
Attack Types
🦠
2
Malware
Geolocation
- Country
- 🇳🇱 Netherlands
- City
- Unknown
- ASN
- AS206264
- ISP
- Amarutu Technology Ltd
Attack Types
ssh_telnet_honeypot
yaml_exploit_honeypot
voip_honeypot
redis_honeypot
printer_honeypot
elasticsearch_honeypot
smtp_honeypot
adb_honeypot
Attacked Ports
212223258081161631102410251081108210831088109911001111119412001234+80
Associated Malware
Attempted Credentials
🔐User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:146.0) Gecko/20100101 Firefox/146.0/Accept: */*
7x🔐Connection: close/(empty)
5x🔐GET /..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1/Host: 146.59.94.170:23
2x🔐GET /..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1/Host: 15.235.184.72:23
2x🔐GET /..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1/Host: 51.178.49.206:23
2x🔐GET /..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1/Host: 51.222.138.43:23
1xExecuted Commands
$
Connection: close4xGreyNoise ContextGreyNoise
- Classification
- malicious
- Name
- unknown
- Last Seen
- 3/20/2026
Shodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
22
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:9.6p1
Risk Assessment
90
/100
LowMediumHighCritical