City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 149.165.0.0 - 149.165.255.255
CIDR: 149.165.0.0/16
NetName: INDIANA-149-165
NetHandle: NET-149-165-0-0-1
Parent: NET149 (NET-149-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Indiana University (INDIAN-Z)
RegDate: 1991-05-06
Updated: 2018-08-03
Ref: https://rdap.arin.net/registry/ip/149.165.0.0
OrgName: Indiana University
OrgId: INDIAN-Z
Address: 2709 E 10th Street
Address: Indiana University Information Technology
Address: networks division
City: Bloomington
StateProv: IN
PostalCode: 47408
Country: US
RegDate: 2009-11-03
Updated: 2025-08-01
Ref: https://rdap.arin.net/registry/entity/INDIAN-Z
OrgRoutingHandle: IGRP-ARIN
OrgRoutingName: I-Light and GigaPOP Routing POC
OrgRoutingPhone: +1-317-278-6635
OrgRoutingEmail: routing@indiana.gigapop.net
OrgRoutingRef: https://rdap.arin.net/registry/entity/IGRP-ARIN
OrgTechHandle: DBE43-ARIN
OrgTechName: Beals, Damon
OrgTechPhone: +1-317-274-7946
OrgTechEmail: dbeals@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/DBE43-ARIN
OrgTechHandle: SPENC364-ARIN
OrgTechName: Spencer, Mark
OrgTechPhone: +1-812-855-3098
OrgTechEmail: maespenc@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/SPENC364-ARIN
OrgAbuseHandle: INDIA-ARIN
OrgAbuseName: IndianaUniversity-abuse
OrgAbusePhone: +1-812-855-9255
OrgAbuseEmail: abuse@iu.edu
OrgAbuseRef: https://rdap.arin.net/registry/entity/INDIA-ARIN
OrgTechHandle: GARRE238-ARIN
OrgTechName: Garrett, Caleb
OrgTechPhone: +1-812-855-4776
OrgTechEmail: ctgarret@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/GARRE238-ARIN
OrgTechHandle: JEA98-ARIN
OrgTechName: Ambern, Jeff Edward
OrgTechPhone: +1-812-856-7520
OrgTechEmail: jambern@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/JEA98-ARIN
RTechHandle: IUD-ORG-ARIN
RTechName: Indiana University Computing Services
RTechPhone: +1-317-274-7788
RTechEmail: dns-admin@iu.edu
RTechRef: https://rdap.arin.net/registry/entity/IUD-ORG-ARIN
# end
# start
NetRange: 149.165.128.0 - 149.165.255.255
CIDR: 149.165.128.0/17
NetName: INDIANA-GIGAPOP-17
NetHandle: NET-149-165-128-0-1
Parent: INDIANA-149-165 (NET-149-165-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Indiana University (INDIAN)
RegDate: 2003-10-24
Updated: 2018-08-03
Ref: https://rdap.arin.net/registry/ip/149.165.128.0
OrgName: Indiana University
OrgId: INDIAN
Address: 2709 E 10th Street
Address: Indiana University Information Technology
Address: networks division
City: Bloomington
StateProv: IN
PostalCode: 47408
Country: US
RegDate:
Updated: 2025-08-01
Ref: https://rdap.arin.net/registry/entity/INDIAN
OrgAbuseHandle: INDIA-ARIN
OrgAbuseName: IndianaUniversity-abuse
OrgAbusePhone: +1-812-855-9255
OrgAbuseEmail: abuse@iu.edu
OrgAbuseRef: https://rdap.arin.net/registry/entity/INDIA-ARIN
OrgTechHandle: GARRE238-ARIN
OrgTechName: Garrett, Caleb
OrgTechPhone: +1-812-855-4776
OrgTechEmail: ctgarret@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/GARRE238-ARIN
OrgTechHandle: JEA98-ARIN
OrgTechName: Ambern, Jeff Edward
OrgTechPhone: +1-812-856-7520
OrgTechEmail: jambern@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/JEA98-ARIN
OrgTechHandle: DBE43-ARIN
OrgTechName: Beals, Damon
OrgTechPhone: +1-317-274-7946
OrgTechEmail: dbeals@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/DBE43-ARIN
OrgTechHandle: SPENC364-ARIN
OrgTechName: Spencer, Mark
OrgTechPhone: +1-812-855-3098
OrgTechEmail: maespenc@iu.edu
OrgTechRef: https://rdap.arin.net/registry/entity/SPENC364-ARIN
OrgRoutingHandle: IGRP-ARIN
OrgRoutingName: I-Light and GigaPOP Routing POC
OrgRoutingPhone: +1-317-278-6635
OrgRoutingEmail: routing@indiana.gigapop.net
OrgRoutingRef: https://rdap.arin.net/registry/entity/IGRP-ARIN
RTechHandle: TJO40-ARIN
RTechName: Johnson, Tom
RTechPhone: +1-317-278-3747
RTechEmail: wtjohnso@globalnoc.iu.edu
RTechRef: https://rdap.arin.net/registry/entity/TJO40-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.165.153.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20559
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;149.165.153.121. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025120901 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 10 04:13:31 CST 2025
;; MSG SIZE rcvd: 108b'121.153.165.149.in-addr.arpa domain name pointer a-cpu-offline.phy250056.projects.jetstream-cloud.org.
'b'121.153.165.149.in-addr.arpa name = a-cpu-offline.phy250056.projects.jetstream-cloud.org.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.121.195.4 | attack | Jul 26 20:49:55 shared06 sshd[5771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.195.4 user=r.r Jul 26 20:49:57 shared06 sshd[5771]: Failed password for r.r from 103.121.195.4 port 44046 ssh2 Jul 26 20:49:58 shared06 sshd[5771]: Received disconnect from 103.121.195.4 port 44046:11: Bye Bye [preauth] Jul 26 20:49:58 shared06 sshd[5771]: Disconnected from 103.121.195.4 port 44046 [preauth] Jul 26 21:04:56 shared06 sshd[9313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.195.4 user=r.r Jul 26 21:04:58 shared06 sshd[9313]: Failed password for r.r from 103.121.195.4 port 33826 ssh2 Jul 26 21:04:58 shared06 sshd[9313]: Received disconnect from 103.121.195.4 port 33826:11: Bye Bye [preauth] Jul 26 21:04:58 shared06 sshd[9313]: Disconnected from 103.121.195.4 port 33826 [preauth] Jul 26 21:10:21 shared06 sshd[11307]: pam_unix(sshd:auth): authentication failure; logname= uid=........ ------------------------------- |
2019-07-29 14:33:33 |
| 107.6.169.250 | attack | port scan and connect, tcp 3128 (squid-http) |
2019-07-29 14:43:02 |
| 47.52.169.40 | attackbots | [portscan] Port scan |
2019-07-29 14:29:48 |
| 185.220.101.20 | attackbots | BURG,WP GET /wp-login.php |
2019-07-29 14:26:35 |
| 61.147.51.246 | attackspam | 20 attempts against mh-ssh on web.discountlight.com |
2019-07-29 14:38:41 |
| 158.69.217.202 | attackbotsspam | 2019/07/29 08:06:53 [error] 887#887: *5984 FastCGI sent in stderr: "PHP message: [158.69.217.202] user 9had: authentication failure for "https://nihad.dk/wp-admin/": Password Mismatch" while reading response header from upstream, client: 158.69.217.202, server: nihad.dk, request: "POST /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm-nihad.dk.sock:", host: "nihad.dk" 2019/07/29 08:06:53 [error] 887#887: *5986 FastCGI sent in stderr: "PHP message: [158.69.217.202] user [login]: authentication failure for "https://nihad.dk/wp-admin/": Password Mismatch" while reading response header from upstream, client: 158.69.217.202, server: nihad.dk, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm-nihad.dk.sock:", host: "nihad.dk" ... |
2019-07-29 14:25:31 |
| 51.38.186.200 | attack | Jul 29 13:45:10 lcl-usvr-01 sshd[1340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.200 user=root Jul 29 13:49:24 lcl-usvr-01 sshd[3061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.200 user=root Jul 29 13:53:31 lcl-usvr-01 sshd[4522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.200 user=root |
2019-07-29 15:15:18 |
| 180.249.202.17 | attack | Automatic report - Port Scan Attack |
2019-07-29 15:02:46 |
| 49.83.152.244 | attack | 20 attempts against mh-ssh on float.magehost.pro |
2019-07-29 15:06:52 |
| 23.129.64.186 | attackspam | C1,WP GET /wp-login.php |
2019-07-29 14:53:51 |
| 179.146.249.92 | attack | SSH/22 MH Probe, BF, Hack - |
2019-07-29 15:21:54 |
| 220.94.205.222 | attackbotsspam | Automatic report - Banned IP Access |
2019-07-29 14:44:35 |
| 197.251.207.20 | attackbotsspam | Jul 29 12:14:17 vibhu-HP-Z238-Microtower-Workstation sshd\[23304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.251.207.20 user=root Jul 29 12:14:19 vibhu-HP-Z238-Microtower-Workstation sshd\[23304\]: Failed password for root from 197.251.207.20 port 53026 ssh2 Jul 29 12:19:03 vibhu-HP-Z238-Microtower-Workstation sshd\[23390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.251.207.20 user=root Jul 29 12:19:05 vibhu-HP-Z238-Microtower-Workstation sshd\[23390\]: Failed password for root from 197.251.207.20 port 19977 ssh2 Jul 29 12:23:49 vibhu-HP-Z238-Microtower-Workstation sshd\[23483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.251.207.20 user=root ... |
2019-07-29 15:02:14 |
| 148.251.70.179 | attackbots | 20 attempts against mh-misbehave-ban on milky.magehost.pro |
2019-07-29 14:36:09 |
| 190.109.170.105 | attackbots | proto=tcp . spt=53037 . dpt=25 . (listed on Blocklist de Jul 28) (1199) |
2019-07-29 14:45:00 |