City: unknown
Region: Hyogo
Country: Japan
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 130.94.0.0 - 130.94.255.255
CIDR: 130.94.0.0/16
NetName: NTTA-130-94
NetHandle: NET-130-94-0-0-1
Parent: NET130 (NET-130-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: NTT America, Inc. (NTTAM-1)
RegDate: 1988-07-11
Updated: 2026-02-10
Comment: Geofeed https://geo.ip.gin.ntt.net/geofeeds/geofeeds.csv
Comment:
Comment: Reassignment information for this block is
Comment: available at rwhois.gin.ntt.net port 4321
Ref: https://rdap.arin.net/registry/ip/130.94.0.0
OrgName: NTT America, Inc.
OrgId: NTTAM-1
Address: 15809 Bear Creek Pkwy
Address: Suite 320
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 2005-12-08
Updated: 2024-03-04
Ref: https://rdap.arin.net/registry/entity/NTTAM-1
ReferralServer: rwhois://rwhois.gin.ntt.net:4321
OrgNOCHandle: NASC-ARIN
OrgNOCName: NTT America Support Contact
OrgNOCPhone: +1-877-688-6625
OrgNOCEmail: ce-support@gin.ntt.net
OrgNOCRef: https://rdap.arin.net/registry/entity/NASC-ARIN
OrgRoutingHandle: PEERI-ARIN
OrgRoutingName: Peering
OrgRoutingPhone: +1-877-688-6625
OrgRoutingEmail: peering@ntt.net
OrgRoutingRef: https://rdap.arin.net/registry/entity/PEERI-ARIN
OrgTechHandle: VIPAR-ARIN
OrgTechName: VIPAR
OrgTechPhone: +1-877-688-6625
OrgTechEmail: ipr@gin.ntt.net
OrgTechRef: https://rdap.arin.net/registry/entity/VIPAR-ARIN
OrgAbuseHandle: NAAC-ARIN
OrgAbuseName: NTT America Abuse Contact
OrgAbusePhone: +1-877-688-6625
OrgAbuseEmail: abuse@ntt.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/NAAC-ARIN
OrgTechHandle: CANDE70-ARIN
OrgTechName: Candela, Massimo
OrgTechPhone: +1-214-915-1366
OrgTechEmail: massimo@ntt.net
OrgTechRef: https://rdap.arin.net/registry/entity/CANDE70-ARIN
RTechHandle: VIA4-ORG-ARIN
RTechName: VIPAR
RTechPhone: +1-877-688-6625
RTechEmail: ipr@gin.ntt.net
RTechRef: https://rdap.arin.net/registry/entity/VIA4-ORG-ARIN
# end
# start
NetRange: 130.94.0.0 - 130.94.127.255
CIDR: 130.94.0.0/17
NetName: LIGHTNODE
NetHandle: NET-130-94-0-0-2
Parent: NTTA-130-94 (NET-130-94-0-0-1)
NetType: Reassigned
OriginAS:
Organization: LIGHT NODE LIMITED (LNL-107)
RegDate: 2025-09-29
Updated: 2025-10-28
Comment: https://www.lightnode.com/geofeed.csv
Ref: https://rdap.arin.net/registry/ip/130.94.0.0
OrgName: LIGHT NODE LIMITED
OrgId: LNL-107
Address: UNIT 02,8/F LT TOWER 31 CHONG YIP ST KWUN TONG HONGKONG
Address: HONGKONG ,
Address: China
City: HONG KONG
StateProv:
PostalCode:
Country: CN
RegDate: 2025-09-15
Updated: 2025-09-26
Ref: https://rdap.arin.net/registry/entity/LNL-107
OrgTechHandle: SANDY30-ARIN
OrgTechName: Sandy Zhong
OrgTechPhone: +8615280056043
OrgTechEmail: sandy@lightnode.com
OrgTechRef: https://rdap.arin.net/registry/entity/SANDY30-ARIN
OrgAbuseHandle: SANDY30-ARIN
OrgAbuseName: Sandy Zhong
OrgAbusePhone: +8615280056043
OrgAbuseEmail: sandy@lightnode.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/SANDY30-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to rwhois.gin.ntt.net:4321.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.94.66.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18770
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;130.94.66.122. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026040703 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 08 09:46:41 CST 2026
;; MSG SIZE rcvd: 106b'Host 122.66.94.130.in-addr.arpa not found: 2(SERVFAIL)
'server can't find 130.94.66.122.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.186.52.107 | attack | 2019-10-11T04:35:51.049380abusebot-5.cloudsearch.cf sshd\[6289\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.107 user=root |
2019-10-11 12:42:42 |
| 185.127.24.190 | attackspam | slow and persistent scanner |
2019-10-11 12:57:15 |
| 112.94.2.65 | attackspambots | Oct 11 03:57:47 *** sshd[21526]: User root from 112.94.2.65 not allowed because not listed in AllowUsers |
2019-10-11 12:47:05 |
| 222.186.175.150 | attackbots | v+ssh-bruteforce |
2019-10-11 12:41:24 |
| 81.128.140.150 | attackbots | WordPress wp-login brute force :: 81.128.140.150 0.120 BYPASS [11/Oct/2019:14:58:14 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-10-11 12:37:00 |
| 222.128.2.60 | attackbotsspam | Oct 11 00:28:00 xtremcommunity sshd\[396893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.2.60 user=root Oct 11 00:28:02 xtremcommunity sshd\[396893\]: Failed password for root from 222.128.2.60 port 63701 ssh2 Oct 11 00:31:44 xtremcommunity sshd\[396967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.2.60 user=root Oct 11 00:31:46 xtremcommunity sshd\[396967\]: Failed password for root from 222.128.2.60 port 39710 ssh2 Oct 11 00:35:36 xtremcommunity sshd\[397095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.2.60 user=root ... |
2019-10-11 12:51:47 |
| 87.121.133.173 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/87.121.133.173/ BG - 1H : (13) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BG NAME ASN : ASN50368 IP : 87.121.133.173 CIDR : 87.121.128.0/21 PREFIX COUNT : 1 UNIQUE IP COUNT : 2048 WYKRYTE ATAKI Z ASN50368 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-11 05:59:09 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-11 12:24:25 |
| 1.29.148.218 | attack | Oct 11 05:59:11 host proftpd\[43969\]: 0.0.0.0 \(1.29.148.218\[1.29.148.218\]\) - USER anonymous: no such user found from 1.29.148.218 \[1.29.148.218\] to 62.210.146.38:21 ... |
2019-10-11 12:24:03 |
| 106.12.147.121 | attackbotsspam | Oct 11 05:54:48 MainVPS sshd[22712]: Invalid user Lille_123 from 106.12.147.121 port 57242 Oct 11 05:54:48 MainVPS sshd[22712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.147.121 Oct 11 05:54:48 MainVPS sshd[22712]: Invalid user Lille_123 from 106.12.147.121 port 57242 Oct 11 05:54:51 MainVPS sshd[22712]: Failed password for invalid user Lille_123 from 106.12.147.121 port 57242 ssh2 Oct 11 05:58:15 MainVPS sshd[22967]: Invalid user Huston123 from 106.12.147.121 port 57094 ... |
2019-10-11 13:02:43 |
| 222.186.173.142 | attackspambots | Oct 11 06:36:13 MainVPS sshd[26538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Oct 11 06:36:15 MainVPS sshd[26538]: Failed password for root from 222.186.173.142 port 61848 ssh2 Oct 11 06:36:32 MainVPS sshd[26538]: error: maximum authentication attempts exceeded for root from 222.186.173.142 port 61848 ssh2 [preauth] Oct 11 06:36:13 MainVPS sshd[26538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Oct 11 06:36:15 MainVPS sshd[26538]: Failed password for root from 222.186.173.142 port 61848 ssh2 Oct 11 06:36:32 MainVPS sshd[26538]: error: maximum authentication attempts exceeded for root from 222.186.173.142 port 61848 ssh2 [preauth] Oct 11 06:36:40 MainVPS sshd[26570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Oct 11 06:36:42 MainVPS sshd[26570]: Failed password for root from 222.186.173.142 port |
2019-10-11 12:42:19 |
| 175.136.220.240 | attackspambots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/175.136.220.240/ MY - 1H : (9) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MY NAME ASN : ASN4788 IP : 175.136.220.240 CIDR : 175.136.192.0/18 PREFIX COUNT : 272 UNIQUE IP COUNT : 2955520 WYKRYTE ATAKI Z ASN4788 : 1H - 1 3H - 1 6H - 2 12H - 4 24H - 6 DateTime : 2019-10-11 05:58:34 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-10-11 12:58:25 |
| 212.64.7.134 | attackspam | Oct 11 06:49:36 site3 sshd\[170228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.7.134 user=root Oct 11 06:49:38 site3 sshd\[170228\]: Failed password for root from 212.64.7.134 port 48362 ssh2 Oct 11 06:53:50 site3 sshd\[170298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.7.134 user=root Oct 11 06:53:52 site3 sshd\[170298\]: Failed password for root from 212.64.7.134 port 56240 ssh2 Oct 11 06:58:05 site3 sshd\[170395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.7.134 user=root ... |
2019-10-11 12:44:16 |
| 210.56.20.181 | attack | Oct 11 06:43:51 mout sshd[7310]: Invalid user nscd from 210.56.20.181 port 41474 |
2019-10-11 12:52:34 |
| 222.186.175.217 | attackbotsspam | Oct 11 06:37:51 apollo sshd\[24275\]: Failed password for root from 222.186.175.217 port 37410 ssh2Oct 11 06:37:55 apollo sshd\[24275\]: Failed password for root from 222.186.175.217 port 37410 ssh2Oct 11 06:38:00 apollo sshd\[24275\]: Failed password for root from 222.186.175.217 port 37410 ssh2 ... |
2019-10-11 12:41:00 |
| 49.88.112.63 | attackspam | detected by Fail2Ban |
2019-10-11 12:19:52 |