City: Tokyo
Region: Tokyo
Country: Japan
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 48.192.0.0 - 48.221.255.255
CIDR: 48.208.0.0/13, 48.216.0.0/14, 48.220.0.0/15, 48.192.0.0/12
NetName: RIPE
NetHandle: NET-48-192-0-0-1
Parent: NET48 (NET-48-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2023-10-02
Updated: 2025-02-10
Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
Ref: https://rdap.arin.net/registry/ip/48.192.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois.ripe.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 48.210.11.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;48.210.11.197. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025101201 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 13 05:30:04 CST 2025
;; MSG SIZE rcvd: 106Host 197.11.210.48.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 197.11.210.48.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.232.30.130 | attackbotsspam | =Multiport scan 209 ports : 1018(x5) 1111(x7) 1218(x8) 2001(x7) 2048 2222(x7) 3199(x6) 3200(x5) 3289(x7) 3300(x9) 3322(x2) 3344(x9) 3366(x8) 3370(x5) 3371(x4) 3372(x7) 3373(x6) 3374(x4) 3375(x6) 3376(x4) 3377(x10) 3378(x5) 3379(x6) 3380(x11) 3382(x13) 3385(x11) 3386(x10) 3387(x12) 3388(x26) 3391(x35) 3392(x23) 3393(x24) 3394(x20) 3395(x11) 3396(x4) 3397(x5) 3398(x4) 3399(x24) 3400(x17) 3456(x7) 3500(x7) 3501(x7) 3502(x4) 3503(x5) 3504(x5) 3505(x5) 3506(x3) 3507(x7) 3508(x6) 3509(x6) 3510(x5) 3987(x4) 3988(x5) 3989(x5) 3990(x5) 3991(x6) 3992(x7) 3993(x5) 3994(x6) 3995(x7) 3996(x4) 3997(x5) 3998(x5) 4000(x10) 4001(x11) 4002(x8) 4003(x4) 4009(x4) 4040(x5) 4096 4444(x17) 4489(x12) 5000(x10) 5001(x5) 5002(x5) 5004(x6) 5005(x8) 5006(x7) 5007(x8) 5008(x4) 5009(x5) 5010(x8) 5020(x5) 5050(x7) 5100(x7) 5111(x4) 5188(x6) 5200(x4) 5222(x5) 5300(x6) 5333(x6) 5389(x8) 5444(x7) 5555(x14) 5589(x12) 5603(x5) 5650(x5) 5656(x5) 5660(x4) 5665(x4) 5700(x7) 5705(x5) 5707(x4) 5750(x4) 5757(x6) 5775(x5) 5777(x.... |
2020-09-08 09:01:13 |
| 92.220.10.100 | attackbots | IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking. |
2020-09-08 12:08:54 |
| 45.142.120.74 | attackbots | 2020-09-08 07:01:25 auth_plain authenticator failed for (User) [45.142.120.74]: 535 Incorrect authentication data (set_id=cassia@lavrinenko.info) 2020-09-08 07:02:27 auth_plain authenticator failed for (User) [45.142.120.74]: 535 Incorrect authentication data (set_id=win-sg@lavrinenko.info) ... |
2020-09-08 12:03:15 |
| 179.57.206.66 | attackbotsspam | Sep 7 18:52:26 pl3server sshd[7544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.57.206.66 user=r.r Sep 7 18:52:27 pl3server sshd[7546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.57.206.66 user=r.r Sep 7 18:52:28 pl3server sshd[7544]: Failed password for r.r from 179.57.206.66 port 37472 ssh2 Sep 7 18:52:28 pl3server sshd[7544]: Connection closed by 179.57.206.66 port 37472 [preauth] Sep 7 18:52:28 pl3server sshd[7546]: Failed password for r.r from 179.57.206.66 port 37540 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.57.206.66 |
2020-09-08 08:56:14 |
| 222.186.180.147 | attackbots | Sep 8 06:10:09 theomazars sshd[21539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Sep 8 06:10:11 theomazars sshd[21539]: Failed password for root from 222.186.180.147 port 55796 ssh2 |
2020-09-08 12:11:33 |
| 218.60.41.136 | attackbots | Sep 7 18:55:38 |
2020-09-08 12:07:11 |
| 106.51.80.198 | attack | 2020-09-07T20:43:59.7649351495-001 sshd[53765]: Invalid user bow from 106.51.80.198 port 44932 2020-09-07T20:44:01.3813731495-001 sshd[53765]: Failed password for invalid user bow from 106.51.80.198 port 44932 ssh2 2020-09-07T20:47:07.7704781495-001 sshd[53886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.80.198 user=root 2020-09-07T20:47:09.8603251495-001 sshd[53886]: Failed password for root from 106.51.80.198 port 34268 ssh2 2020-09-07T20:50:09.0169771495-001 sshd[53999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.80.198 user=root 2020-09-07T20:50:11.2868301495-001 sshd[53999]: Failed password for root from 106.51.80.198 port 51826 ssh2 ... |
2020-09-08 12:05:52 |
| 112.85.42.174 | attackbotsspam | $f2bV_matches |
2020-09-08 12:05:23 |
| 192.241.231.22 | attack | [Sun Sep 06 17:44:43 2020] - DDoS Attack From IP: 192.241.231.22 Port: 34852 |
2020-09-08 08:56:44 |
| 163.172.42.123 | attack | 163.172.42.123 - - [07/Sep/2020:18:50:19 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.42.123 - - [07/Sep/2020:18:50:24 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.42.123 - - [07/Sep/2020:18:50:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-08 08:59:41 |
| 218.92.0.133 | attackbotsspam | Sep 8 02:51:01 vps1 sshd[11091]: Failed none for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:01 vps1 sshd[11091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.133 user=root Sep 8 02:51:03 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:07 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:11 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:15 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:18 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:19 vps1 sshd[11091]: error: maximum authentication attempts exceeded for invalid user root from 218.92.0.133 port 44447 ssh2 [preauth] ... |
2020-09-08 08:53:38 |
| 147.135.203.181 | attackspambots | 2020-09-08T00:50:00.440202shield sshd\[25042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip181.ip-147-135-203.eu user=root 2020-09-08T00:50:02.288047shield sshd\[25042\]: Failed password for root from 147.135.203.181 port 35230 ssh2 2020-09-08T00:53:25.111980shield sshd\[25256\]: Invalid user zabbix from 147.135.203.181 port 41174 2020-09-08T00:53:25.122601shield sshd\[25256\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip181.ip-147-135-203.eu 2020-09-08T00:53:27.448580shield sshd\[25256\]: Failed password for invalid user zabbix from 147.135.203.181 port 41174 ssh2 |
2020-09-08 08:57:30 |
| 148.72.208.210 | attackbotsspam | Sep 8 06:02:21 vpn01 sshd[16461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 Sep 8 06:02:23 vpn01 sshd[16461]: Failed password for invalid user biz from 148.72.208.210 port 49432 ssh2 ... |
2020-09-08 12:02:46 |
| 111.241.109.183 | attackspambots | Honeypot attack, port: 445, PTR: 111-241-109-183.dynamic-ip.hinet.net. |
2020-09-08 09:05:52 |
| 116.118.238.18 | attackbotsspam | Automatic report - XMLRPC Attack |
2020-09-08 08:55:46 |