城市(city): unknown
省份(region): Colorado
国家(country): United States
运营商(isp): RTC Communications LLC
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 205.168.0.0 - 205.171.255.255
CIDR: 205.168.0.0/14
NetName: CENTURYLINK-LEGACY-QWEST-INET-35
NetHandle: NET-205-168-0-0-1
Parent: NET205 (NET-205-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: CenturyLink Communications, LLC (CCL-534)
RegDate: 1995-03-17
Updated: 2018-02-21
Ref: https://rdap.arin.net/registry/ip/205.168.0.0
OrgName: CenturyLink Communications, LLC
OrgId: CCL-534
Address: 100 CENTURYLINK DR
City: Monroe
StateProv: LA
PostalCode: 71201
Country: US
RegDate: 2018-07-12
Updated: 2024-06-17
Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: ADDRESSES COVERED BY THIS ORG-ID ARE NON-PORTABLE ANY ISP ANNOUNCING OR TRANSITING PORTIONS WITHIN OUR RANGES SHOULD NOT RELY ON PRESENTED LOA'S OR OLD WHOIS UNLESS THOSE RANGES ARE ALSO ACTIVELY DIRECTLY ANNOUNCED TO A LUMEN ASN. WITH ALL LOA'S THESE CONDITIONS APPLY:
Comment:
Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
Comment:
Comment: For abuse issues, please email abuse@aup.lumen.com
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/CCL-534
OrgTechHandle: QIA-ARIN
OrgTechName: Centurylink IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@centurylink.com
OrgTechRef: https://rdap.arin.net/registry/entity/QIA-ARIN
OrgAbuseHandle: CAD54-ARIN
OrgAbuseName: Centurylink Abuse Desk
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@aup.lumen.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/CAD54-ARIN
OrgRoutingHandle: RPKIR-ARIN
OrgRoutingName: RPKI-ROA
OrgRoutingPhone: +1-877-886-6515
OrgRoutingEmail: rpki-roa@lumen.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/RPKIR-ARIN
# end
# start
NetRange: 205.169.39.0 - 205.169.39.255
CIDR: 205.169.39.0/24
NetName: LOANED-SPACE-TO-PALO-ALTO
NetHandle: NET-205-169-39-0-1
Parent: CENTURYLINK-LEGACY-QWEST-INET-35 (NET-205-168-0-0-1)
NetType: Reassigned
OriginAS:
Organization: Palo Alto Networks, Inc (PAN-22)
RegDate: 2025-12-01
Updated: 2025-12-01
Ref: https://rdap.arin.net/registry/ip/205.169.39.0
OrgName: Palo Alto Networks, Inc
OrgId: PAN-22
Address: Palo Alto Networks
Address: 3000 Tannery Way
Address: Santa Clara, CA 95054
City: Santa Clara
StateProv: CA
PostalCode: 95054
Country: US
RegDate: 2017-11-22
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/PAN-22
OrgTechHandle: GNS20-ARIN
OrgTechName: Global Network Services
OrgTechPhone: +1-408-753-4000
OrgTechEmail: gns-prod@paloaltonetworks.com
OrgTechRef: https://rdap.arin.net/registry/entity/GNS20-ARIN
OrgAbuseHandle: IPABU42-ARIN
OrgAbuseName: IP Abuse
OrgAbusePhone: +1-408-753-4000
OrgAbuseEmail: dl-ipabuse@paloaltonetworks.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/IPABU42-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 205.169.39.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30151
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;205.169.39.0. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025121000 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 10 22:31:18 CST 2025
;; MSG SIZE rcvd: 105Host 0.39.169.205.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 0.39.169.205.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 220.178.75.153 | attackspam | Invalid user ghost from 220.178.75.153 port 31460 |
2020-04-03 09:11:46 |
| 217.182.169.183 | attackbots | Apr 3 01:48:20 ns382633 sshd\[15462\]: Invalid user ci from 217.182.169.183 port 54302 Apr 3 01:48:20 ns382633 sshd\[15462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.169.183 Apr 3 01:48:23 ns382633 sshd\[15462\]: Failed password for invalid user ci from 217.182.169.183 port 54302 ssh2 Apr 3 01:56:36 ns382633 sshd\[17130\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.169.183 user=root Apr 3 01:56:38 ns382633 sshd\[17130\]: Failed password for root from 217.182.169.183 port 58390 ssh2 |
2020-04-03 09:07:53 |
| 106.75.176.189 | attackbotsspam | 2020-04-02T23:04:27.249587abusebot-8.cloudsearch.cf sshd[30487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.176.189 user=root 2020-04-02T23:04:29.342455abusebot-8.cloudsearch.cf sshd[30487]: Failed password for root from 106.75.176.189 port 52206 ssh2 2020-04-02T23:07:47.853987abusebot-8.cloudsearch.cf sshd[30852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.176.189 user=root 2020-04-02T23:07:49.736173abusebot-8.cloudsearch.cf sshd[30852]: Failed password for root from 106.75.176.189 port 37226 ssh2 2020-04-02T23:10:32.625290abusebot-8.cloudsearch.cf sshd[31043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.176.189 user=root 2020-04-02T23:10:35.159906abusebot-8.cloudsearch.cf sshd[31043]: Failed password for root from 106.75.176.189 port 50476 ssh2 2020-04-02T23:13:00.946866abusebot-8.cloudsearch.cf sshd[31217]: pam_unix(sshd:auth): ... |
2020-04-03 09:39:05 |
| 185.176.27.174 | attackbots | 04/02/2020-21:26:52.352071 185.176.27.174 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-04-03 09:47:35 |
| 193.183.187.252 | attackbots | 193.183.187.252 - - \[02/Apr/2020:23:44:43 +0200\] "GET / HTTP/1.1" 301 832 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 193.183.187.252 - - \[02/Apr/2020:23:44:43 +0200\] "GET / HTTP/1.1" 301 4535 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 193.183.187.252 - - \[02/Apr/2020:23:44:43 +0200\] "GET /de/ HTTP/1.1" 200 17092 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ... |
2020-04-03 09:21:06 |
| 120.29.84.25 | attack | Apr 2 21:49:10 system,error,critical: login failure for user admin from 120.29.84.25 via telnet Apr 2 21:49:11 system,error,critical: login failure for user admin from 120.29.84.25 via telnet Apr 2 21:49:12 system,error,critical: login failure for user root from 120.29.84.25 via telnet Apr 2 21:49:13 system,error,critical: login failure for user root from 120.29.84.25 via telnet Apr 2 21:49:15 system,error,critical: login failure for user root from 120.29.84.25 via telnet Apr 2 21:49:16 system,error,critical: login failure for user admin1 from 120.29.84.25 via telnet Apr 2 21:49:17 system,error,critical: login failure for user root from 120.29.84.25 via telnet Apr 2 21:49:18 system,error,critical: login failure for user admin from 120.29.84.25 via telnet Apr 2 21:49:20 system,error,critical: login failure for user root from 120.29.84.25 via telnet Apr 2 21:49:21 system,error,critical: login failure for user admin from 120.29.84.25 via telnet |
2020-04-03 08:53:26 |
| 112.250.85.252 | attack | port scan and connect, tcp 23 (telnet) |
2020-04-03 09:05:56 |
| 83.36.48.61 | attack | 5x Failed Password |
2020-04-03 09:24:41 |
| 109.197.192.18 | attack | Fail2Ban Ban Triggered |
2020-04-03 09:03:12 |
| 193.234.222.31 | attack | 193.234.222.31 - - \[02/Apr/2020:23:41:52 +0200\] "GET / HTTP/1.1" 301 902 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 193.234.222.31 - - \[02/Apr/2020:23:41:53 +0200\] "GET / HTTP/1.1" 200 17148 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ... |
2020-04-03 09:35:41 |
| 193.183.102.168 | attackbots | 193.183.102.168 - - \[02/Apr/2020:23:43:03 +0200\] "GET / HTTP/1.1" 301 832 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 193.183.102.168 - - \[02/Apr/2020:23:43:03 +0200\] "GET / HTTP/1.1" 301 4535 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 193.183.102.168 - - \[02/Apr/2020:23:43:03 +0200\] "GET /de/ HTTP/1.1" 200 17092 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ... |
2020-04-03 09:31:48 |
| 194.14.85.127 | attackspam | 194.14.85.127 - - \[02/Apr/2020:23:46:32 +0200\] "GET / HTTP/1.1" 301 832 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 194.14.85.127 - - \[02/Apr/2020:23:46:32 +0200\] "GET / HTTP/1.1" 301 4535 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" 194.14.85.127 - - \[02/Apr/2020:23:46:33 +0200\] "GET /de/ HTTP/1.1" 200 17091 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ... |
2020-04-03 09:27:21 |
| 183.82.108.224 | attackspambots | Apr 3 01:01:39 localhost sshd\[6432\]: Invalid user ge from 183.82.108.224 port 40014 Apr 3 01:01:39 localhost sshd\[6432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.108.224 Apr 3 01:01:40 localhost sshd\[6432\]: Failed password for invalid user ge from 183.82.108.224 port 40014 ssh2 ... |
2020-04-03 09:42:03 |
| 185.234.217.95 | attackbots | Unauthorized connection attempt detected from IP address 185.234.217.95 to port 4848 |
2020-04-03 09:20:01 |
| 90.162.244.87 | attackspam | Invalid user bwc from 90.162.244.87 port 44680 |
2020-04-03 09:10:37 |