City: unknown
Region: unknown
Country: United States
Internet Service Provider: RTC Communications LLC
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 205.138.0.0 - 205.140.175.255
CIDR: 205.140.0.0/17, 205.140.160.0/20, 205.140.128.0/19, 205.138.0.0/15
NetName: CENTURYLINK-LEGACY-SAVVIS-BLK182
NetHandle: NET-205-138-0-0-1
Parent: NET205 (NET-205-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: CenturyLink Communications, LLC (CCL-534)
RegDate: 1995-02-15
Updated: 2018-11-15
Ref: https://rdap.arin.net/registry/ip/205.138.0.0
OrgName: CenturyLink Communications, LLC
OrgId: CCL-534
Address: 100 CENTURYLINK DR
City: Monroe
StateProv: LA
PostalCode: 71201
Country: US
RegDate: 2018-07-12
Updated: 2024-06-17
Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: ADDRESSES COVERED BY THIS ORG-ID ARE NON-PORTABLE ANY ISP ANNOUNCING OR TRANSITING PORTIONS WITHIN OUR RANGES SHOULD NOT RELY ON PRESENTED LOA'S OR OLD WHOIS UNLESS THOSE RANGES ARE ALSO ACTIVELY DIRECTLY ANNOUNCED TO A LUMEN ASN. WITH ALL LOA'S THESE CONDITIONS APPLY:
Comment:
Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
Comment:
Comment: For abuse issues, please email abuse@aup.lumen.com
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/CCL-534
OrgRoutingHandle: RPKIR-ARIN
OrgRoutingName: RPKI-ROA
OrgRoutingPhone: +1-877-886-6515
OrgRoutingEmail: rpki-roa@lumen.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/RPKIR-ARIN
OrgAbuseHandle: CAD54-ARIN
OrgAbuseName: Centurylink Abuse Desk
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@aup.lumen.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/CAD54-ARIN
OrgTechHandle: QIA-ARIN
OrgTechName: Centurylink IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@centurylink.com
OrgTechRef: https://rdap.arin.net/registry/entity/QIA-ARIN
# end
# start
NetRange: 205.139.120.64 - 205.139.120.71
CIDR: 205.139.120.64/29
NetName: SAVV-S616038-0
NetHandle: NET-205-139-120-64-1
Parent: CENTURYLINK-LEGACY-SAVVIS-BLK182 (NET-205-138-0-0-1)
NetType: Reassigned
OriginAS:
Organization: Chick-fil-A, Inc. (CHICK-29)
RegDate: 2019-03-25
Updated: 2019-03-25
Ref: https://rdap.arin.net/registry/ip/205.139.120.64
OrgName: Chick-fil-A, Inc.
OrgId: CHICK-29
Address: 5200 Buffington Rd
City: Atlanta
StateProv: GA
PostalCode: 30349
Country: US
RegDate: 2019-03-25
Updated: 2019-03-25
Ref: https://rdap.arin.net/registry/entity/CHICK-29
OrgTechHandle: FRANK623-ARIN
OrgTechName: Frank, Matt
OrgTechPhone: +1-404-305-7765
OrgTechEmail: matt.frank@cfacorp.com
OrgTechRef: https://rdap.arin.net/registry/entity/FRANK623-ARIN
OrgAbuseHandle: FRANK623-ARIN
OrgAbuseName: Frank, Matt
OrgAbusePhone: +1-404-305-7765
OrgAbuseEmail: matt.frank@cfacorp.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/FRANK623-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 205.139.120.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63497
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;205.139.120.65. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032300 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 23 19:37:02 CST 2026
;; MSG SIZE rcvd: 107Host 65.120.139.205.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 65.120.139.205.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 218.3.44.195 | attackspam | WordPress XMLRPC scan :: 218.3.44.195 0.048 BYPASS [30/Aug/2019:15:49:03 1000] [censored_4] "POST /xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-08-30 14:46:05 |
| 115.84.121.80 | attack | Brute force attempt |
2019-08-30 14:39:08 |
| 49.88.112.78 | attackbots | 2019-08-30T06:17:30.399124Z d18f098b49cc New connection: 49.88.112.78:16212 (172.17.0.2:2222) [session: d18f098b49cc] 2019-08-30T06:34:07.850250Z fef11db2652e New connection: 49.88.112.78:57456 (172.17.0.2:2222) [session: fef11db2652e] |
2019-08-30 14:35:12 |
| 142.4.204.122 | attack | Reported by AbuseIPDB proxy server. |
2019-08-30 14:33:03 |
| 165.227.200.253 | attackspam | 2019-08-30T06:21:32.149039abusebot-6.cloudsearch.cf sshd\[13751\]: Invalid user odroid from 165.227.200.253 port 33336 |
2019-08-30 14:35:57 |
| 185.12.227.227 | attackspam | [portscan] Port scan |
2019-08-30 14:45:05 |
| 162.216.16.234 | attackspam | FW: Kontakt. Nachricht |
2019-08-30 14:48:31 |
| 61.136.81.234 | attackbots | Automatic report - Banned IP Access |
2019-08-30 14:21:59 |
| 117.149.2.142 | attackspam | Automatic report - Banned IP Access |
2019-08-30 14:55:44 |
| 159.203.122.149 | attackbotsspam | Aug 29 20:35:12 php1 sshd\[20422\]: Invalid user mikem from 159.203.122.149 Aug 29 20:35:12 php1 sshd\[20422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.122.149 Aug 29 20:35:15 php1 sshd\[20422\]: Failed password for invalid user mikem from 159.203.122.149 port 38683 ssh2 Aug 29 20:38:44 php1 sshd\[20715\]: Invalid user serv_pv from 159.203.122.149 Aug 29 20:38:44 php1 sshd\[20715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.122.149 |
2019-08-30 14:53:12 |
| 14.140.167.238 | attack | Unauthorised access (Aug 30) SRC=14.140.167.238 LEN=52 PREC=0x20 TTL=113 ID=1922 DF TCP DPT=445 WINDOW=8192 SYN |
2019-08-30 15:09:24 |
| 62.234.156.120 | attackspambots | Aug 30 07:44:18 icinga sshd[18484]: Failed password for root from 62.234.156.120 port 56741 ssh2 ... |
2019-08-30 14:23:41 |
| 35.0.127.52 | attackspam | Automated report - ssh fail2ban: Aug 30 07:49:20 wrong password, user=root, port=56094, ssh2 Aug 30 07:49:24 wrong password, user=root, port=56094, ssh2 Aug 30 07:49:28 wrong password, user=root, port=56094, ssh2 Aug 30 07:49:33 wrong password, user=root, port=56094, ssh2 |
2019-08-30 14:24:12 |
| 138.68.212.163 | attackbotsspam | 1567144162 - 08/30/2019 07:49:22 Host: zg-0829b-13.stretchoid.com/138.68.212.163 Port: 5353 UDP Blocked |
2019-08-30 14:30:54 |
| 151.80.144.39 | attackbots | Aug 30 01:04:35 aat-srv002 sshd[1749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.144.39 Aug 30 01:04:37 aat-srv002 sshd[1749]: Failed password for invalid user go from 151.80.144.39 port 49176 ssh2 Aug 30 01:08:20 aat-srv002 sshd[1821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.144.39 Aug 30 01:08:22 aat-srv002 sshd[1821]: Failed password for invalid user yu from 151.80.144.39 port 35808 ssh2 ... |
2019-08-30 14:54:34 |