City: Warsaw
Region: Mazowieckie
Country: Poland
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 149.50.0.0 - 149.50.255.255
CIDR: 149.50.0.0/16
NetName: COGENT-149-50-16
NetHandle: NET-149-50-0-0-1
Parent: NET149 (NET-149-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Cogent Communications, LLC (COGC)
RegDate: 1992-01-28
Updated: 2025-09-23
Ref: https://rdap.arin.net/registry/ip/149.50.0.0
OrgName: Cogent Communications, LLC
OrgId: COGC
Address: 2450 N Street NW
City: Washington
StateProv: DC
PostalCode: 20037
Country: US
RegDate: 2000-05-30
Updated: 2025-09-23
Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
Ref: https://rdap.arin.net/registry/entity/COGC
ReferralServer: rwhois://rwhois.cogentco.com:4321
OrgAbuseHandle: COGEN-ARIN
OrgAbuseName: Cogent Abuse
OrgAbusePhone: +1-877-875-4311
OrgAbuseEmail: abuse@cogentco.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
OrgTechHandle: IPALL-ARIN
OrgTechName: IP Allocation
OrgTechPhone: +1-877-875-4311
OrgTechEmail: ipalloc@cogentco.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
OrgNOCHandle: ZC108-ARIN
OrgNOCName: Cogent Communications
OrgNOCPhone: +1-877-875-4311
OrgNOCEmail: noc@cogentco.com
OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
# end
# start
NetRange: 149.50.96.0 - 149.50.127.255
CIDR: 149.50.96.0/19
NetName: MEVERYWHERE-CGNT-NET-1
NetHandle: NET-149-50-96-0-1
Parent: COGENT-149-50-16 (NET-149-50-0-0-1)
NetType: Reallocated
OriginAS:
Organization: MEVSPACE (MSZO)
RegDate: 2023-06-28
Updated: 2023-06-28
Ref: https://rdap.arin.net/registry/ip/149.50.96.0
OrgName: MEVSPACE
OrgId: MSZO
Address: ul.Augustyna Locciego 33
City: Warsaw
StateProv:
PostalCode: 02-928
Country: PL
RegDate: 2023-06-20
Updated: 2023-06-28
Ref: https://rdap.arin.net/registry/entity/MSZO
OrgTechHandle: OLEJN3-ARIN
OrgTechName: Olejnik, Sebastian
OrgTechPhone: +48 22 100 41 44
OrgTechEmail: sebastian.olejnik@mevspace.com
OrgTechRef: https://rdap.arin.net/registry/entity/OLEJN3-ARIN
OrgAbuseHandle: ABUSE8767-ARIN
OrgAbuseName: Abuse-mevspace
OrgAbusePhone: +48 22 100 41 44
OrgAbuseEmail: abuse@mevspace.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE8767-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to rwhois.cogentco.com:4321.
%rwhois V-1.5:0010b0:00 rwhois.cogentco.com (CGNT rwhoisd 1.2.1)
network:ID:NET4-9532600013
network:Network-Name:NET4-9532600013
network:IP-Network:149.50.96.0/19
network:Org-Name:Meverywhere sp.zo.o.
network:Street-Address:AL JEROZOLIMSKIE 65/79
network:City:WARSAW
network:Country:PL
network:Postal-Code:00-697
network:Tech-Contact:ZC108-ARIN
network:Updated:2024-05-13 18:30:01
%ok; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.50.97.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;149.50.97.212. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100601 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 07 08:31:14 CST 2025
;; MSG SIZE rcvd: 106Host 212.97.50.149.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 212.97.50.149.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.148.10.116 | attack | scans once in preceeding hours on the ports (in chronological order) 9443 resulting in total of 5 scans from 45.148.10.0/24 block. |
2020-05-23 00:09:15 |
| 159.65.136.141 | attack | May 22 18:31:03 pornomens sshd\[20129\]: Invalid user ide from 159.65.136.141 port 59796 May 22 18:31:03 pornomens sshd\[20129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.136.141 May 22 18:31:06 pornomens sshd\[20129\]: Failed password for invalid user ide from 159.65.136.141 port 59796 ssh2 ... |
2020-05-23 00:35:07 |
| 59.152.62.189 | attackspambots | May 22 13:49:48 sip sshd[361749]: Invalid user lhr from 59.152.62.189 port 52264 May 22 13:49:50 sip sshd[361749]: Failed password for invalid user lhr from 59.152.62.189 port 52264 ssh2 May 22 13:52:01 sip sshd[361773]: Invalid user zhy from 59.152.62.189 port 54956 ... |
2020-05-23 00:09:48 |
| 129.28.163.90 | attackspambots | Invalid user km from 129.28.163.90 port 49444 |
2020-05-23 00:47:01 |
| 37.49.226.245 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2020-05-23 00:38:37 |
| 195.9.250.138 | attackspam | Helo |
2020-05-23 00:37:36 |
| 182.148.178.236 | attackbots | May 22 16:27:50 xeon sshd[20698]: Failed password for invalid user ulg from 182.148.178.236 port 54714 ssh2 |
2020-05-23 00:34:44 |
| 185.220.101.194 | attackbotsspam | WordPress fake user registration, known IP range |
2020-05-23 00:25:26 |
| 188.169.89.150 | attackspam | Unauthorised access (May 22) SRC=188.169.89.150 LEN=52 TTL=119 ID=3868 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (May 18) SRC=188.169.89.150 LEN=52 TTL=119 ID=10908 DF TCP DPT=445 WINDOW=8192 SYN |
2020-05-23 00:12:21 |
| 97.74.24.136 | attackbotsspam | Automatic report - XMLRPC Attack |
2020-05-23 00:15:51 |
| 185.220.102.6 | attackspambots | /posting.php?mode=post&f=4 |
2020-05-23 00:23:41 |
| 190.196.36.14 | attackbots | 2020-05-22T17:50:24.751559struts4.enskede.local sshd\[5604\]: Invalid user qag from 190.196.36.14 port 50048 2020-05-22T17:50:24.759175struts4.enskede.local sshd\[5604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.196.36.14 2020-05-22T17:50:28.162627struts4.enskede.local sshd\[5604\]: Failed password for invalid user qag from 190.196.36.14 port 50048 ssh2 2020-05-22T17:57:51.670511struts4.enskede.local sshd\[5614\]: Invalid user bhc from 190.196.36.14 port 60936 2020-05-22T17:57:51.685860struts4.enskede.local sshd\[5614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.196.36.14 ... |
2020-05-23 00:16:20 |
| 89.163.131.51 | attackspam | (sshd) Failed SSH login from 89.163.131.51 (DE/Germany/srv81052.dus2.fastwebserver.de): 5 in the last 3600 secs |
2020-05-23 00:20:46 |
| 103.85.8.241 | attackspambots | SS5,WP GET /wp-login.php |
2020-05-23 00:37:50 |
| 36.133.121.2 | attack | SSH Bruteforce Attempt (failed auth) |
2020-05-23 00:47:37 |