City: Tokyo
Region: Tokyo
Country: Japan
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '95.85.94.0 - 95.85.94.255'
% Abuse contact for '95.85.94.0 - 95.85.94.255' is 'abuse@gcore.lu'
inetnum: 95.85.94.0 - 95.85.94.255
descr: G-Core Labs Customer assignment
netname: GCL-CUSTOMER-JP
country: JP
geofeed: https://geofeed.gcore.lu/IP-Range.csv
admin-c: LA5122-RIPE
tech-c: LA5122-RIPE
status: ASSIGNED PA
geoloc: 35.66659 139.79302
mnt-by: GCL1-MNT
created: 2023-01-12T08:46:51Z
last-modified: 2026-02-12T14:10:53Z
source: RIPE
person: LIR Admin
address: G-Core Labs S.A.
address: 2 Rue Edmond Reuter
address: 5326 Contern
phone: +35220880507
nic-hdl: LA5122-RIPE
mnt-by: GCL1-MNT
created: 2012-12-05T15:05:34Z
last-modified: 2023-07-17T19:38:48Z
source: RIPE # Filtered
% Information related to '95.85.94.0/24AS199524'
route: 95.85.94.0/24
descr: GCL-95-85-94-0-24
origin: AS199524
mnt-by: GCL1-MNT
created: 2020-12-17T09:29:30Z
last-modified: 2020-12-17T09:29:30Z
source: RIPE
% This query was served by the RIPE Database Query Service version 1.121.2 (ABERDEEN); <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.85.94.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22440
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;95.85.94.242. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026041502 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 16 07:45:23 CST 2026
;; MSG SIZE rcvd: 105Host 242.94.85.95.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 242.94.85.95.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 181.164.107.226 | attackbots | Jul 19 10:38:42 marvibiene sshd[1951]: Invalid user boomi from 181.164.107.226 port 58491 Jul 19 10:38:42 marvibiene sshd[1951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.164.107.226 Jul 19 10:38:42 marvibiene sshd[1951]: Invalid user boomi from 181.164.107.226 port 58491 Jul 19 10:38:44 marvibiene sshd[1951]: Failed password for invalid user boomi from 181.164.107.226 port 58491 ssh2 ... |
2019-07-19 21:56:41 |
| 138.197.78.121 | attackspam | 2019-07-19T09:29:45.357327lon01.zurich-datacenter.net sshd\[25296\]: Invalid user virtual from 138.197.78.121 port 57624 2019-07-19T09:29:45.361818lon01.zurich-datacenter.net sshd\[25296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.78.121 2019-07-19T09:29:47.516771lon01.zurich-datacenter.net sshd\[25296\]: Failed password for invalid user virtual from 138.197.78.121 port 57624 ssh2 2019-07-19T09:34:17.610578lon01.zurich-datacenter.net sshd\[25444\]: Invalid user smkwon from 138.197.78.121 port 55340 2019-07-19T09:34:17.616547lon01.zurich-datacenter.net sshd\[25444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.78.121 ... |
2019-07-19 22:33:59 |
| 205.178.40.3 | attackspam | 2019-07-19T13:45:02.568677abusebot-4.cloudsearch.cf sshd\[14228\]: Invalid user eli from 205.178.40.3 port 50080 |
2019-07-19 21:52:15 |
| 196.52.43.54 | attackspambots | 3493/tcp 5060/udp 6001/tcp... [2019-05-18/07-19]101pkt,50pt.(tcp),8pt.(udp),1tp.(icmp) |
2019-07-19 22:12:06 |
| 181.40.122.2 | attack | Jul 19 12:29:38 vps647732 sshd[6033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.122.2 Jul 19 12:29:40 vps647732 sshd[6033]: Failed password for invalid user ftb from 181.40.122.2 port 53596 ssh2 ... |
2019-07-19 22:31:46 |
| 112.85.42.88 | attackspambots | Jul 19 15:49:40 piServer sshd\[29160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.88 user=root Jul 19 15:49:42 piServer sshd\[29160\]: Failed password for root from 112.85.42.88 port 29791 ssh2 Jul 19 15:51:21 piServer sshd\[29278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.88 user=root Jul 19 15:51:22 piServer sshd\[29278\]: Failed password for root from 112.85.42.88 port 59542 ssh2 Jul 19 15:51:24 piServer sshd\[29278\]: Failed password for root from 112.85.42.88 port 59542 ssh2 ... |
2019-07-19 22:07:45 |
| 92.46.110.2 | attackbots | 445/tcp 445/tcp [2019-07-11/19]2pkt |
2019-07-19 22:28:25 |
| 51.38.176.147 | attackbots | Jul 19 15:46:28 localhost sshd\[22950\]: Invalid user nux from 51.38.176.147 port 46806 Jul 19 15:46:28 localhost sshd\[22950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.176.147 Jul 19 15:46:30 localhost sshd\[22950\]: Failed password for invalid user nux from 51.38.176.147 port 46806 ssh2 |
2019-07-19 21:50:16 |
| 182.74.119.10 | attack | Unauthorised access (Jul 19) SRC=182.74.119.10 LEN=48 TTL=118 ID=8400 DF TCP DPT=445 WINDOW=8192 SYN |
2019-07-19 22:37:14 |
| 203.223.191.3 | attackbotsspam | [SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(07191040) |
2019-07-19 23:10:15 |
| 216.189.15.132 | attack | Automatic report - Banned IP Access |
2019-07-19 22:09:05 |
| 27.147.169.73 | attack | Jul 19 04:00:28 TORMINT sshd\[2627\]: Invalid user placrim from 27.147.169.73 Jul 19 04:00:28 TORMINT sshd\[2627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.147.169.73 Jul 19 04:00:30 TORMINT sshd\[2627\]: Failed password for invalid user placrim from 27.147.169.73 port 60322 ssh2 ... |
2019-07-19 22:58:36 |
| 168.181.174.187 | attack | [Aegis] @ 2019-07-19 06:48:29 0100 -> Multiple attempts to send e-mail from invalid/unknown sender domain. |
2019-07-19 21:57:17 |
| 61.177.172.158 | attackbots | Jul 19 13:57:04 cvbmail sshd\[16836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root Jul 19 13:57:06 cvbmail sshd\[16836\]: Failed password for root from 61.177.172.158 port 12911 ssh2 Jul 19 14:00:58 cvbmail sshd\[16867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root |
2019-07-19 22:25:19 |
| 119.196.83.6 | attackbotsspam | /var/log/messages:Jul 16 04:20:09 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1563250809.836:31319): pid=32725 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=32726 suid=74 rport=48170 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=119.196.83.6 terminal=? res=success' /var/log/messages:Jul 16 04:20:09 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1563250809.839:31320): pid=32725 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=32726 suid=74 rport=48170 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=119.196.83.6 terminal=? res=success' /var/log/messages:Jul 16 04:20:18 sanyalnet-cloud-vps fail2ban.filter[5325]: INFO [sshd]........ ------------------------------- |
2019-07-19 21:48:44 |