City: Monte Vista
Region: Colorado
Country: United States
Internet Service Provider: RTC Communications LLC
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 205.168.0.0 - 205.171.255.255
CIDR: 205.168.0.0/14
NetName: CENTURYLINK-LEGACY-QWEST-INET-35
NetHandle: NET-205-168-0-0-1
Parent: NET205 (NET-205-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: CenturyLink Communications, LLC (CCL-534)
RegDate: 1995-03-17
Updated: 2018-02-21
Ref: https://rdap.arin.net/registry/ip/205.168.0.0
OrgName: CenturyLink Communications, LLC
OrgId: CCL-534
Address: 100 CENTURYLINK DR
City: Monroe
StateProv: LA
PostalCode: 71201
Country: US
RegDate: 2018-07-12
Updated: 2026-04-22
Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: ADDRESSES COVERED BY THIS ORG-ID ARE NON-PORTABLE ANY ISP ANNOUNCING OR TRANSITING PORTIONS WITHIN OUR RANGES SHOULD NOT RELY ON PRESENTED LOA'S OR OLD WHOIS UNLESS THOSE RANGES ARE ALSO ACTIVELY DIRECTLY ANNOUNCED TO A LUMEN ASN. WITH ALL LOA'S THESE CONDITIONS APPLY:
Comment:
Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
Comment:
Comment: For abuse issues, please email abuse@aup.lumen.com
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/CCL-534
OrgRoutingHandle: RPKIR-ARIN
OrgRoutingName: RPKI-ROA
OrgRoutingPhone: +1-877-886-6515
OrgRoutingEmail: rpki-roa@lumen.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/RPKIR-ARIN
OrgAbuseHandle: CAD54-ARIN
OrgAbuseName: Centurylink Abuse Desk
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@aup.lumen.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/CAD54-ARIN
OrgTechHandle: QIA-ARIN
OrgTechName: Centurylink IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@centurylink.com
OrgTechRef: https://rdap.arin.net/registry/entity/QIA-ARIN
# end
# start
NetRange: 205.169.39.0 - 205.169.39.255
CIDR: 205.169.39.0/24
NetName: LOANED-SPACE-TO-PALO-ALTO
NetHandle: NET-205-169-39-0-1
Parent: CENTURYLINK-LEGACY-QWEST-INET-35 (NET-205-168-0-0-1)
NetType: Reassigned
OriginAS:
Organization: Palo Alto Networks, Inc (PAN-22)
RegDate: 2025-12-01
Updated: 2025-12-01
Ref: https://rdap.arin.net/registry/ip/205.169.39.0
OrgName: Palo Alto Networks, Inc
OrgId: PAN-22
Address: Palo Alto Networks
Address: 3000 Tannery Way
Address: Santa Clara, CA 95054
City: Santa Clara
StateProv: CA
PostalCode: 95054
Country: US
RegDate: 2017-11-22
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/PAN-22
OrgTechHandle: GNS20-ARIN
OrgTechName: Global Network Services
OrgTechPhone: +1-408-753-4000
OrgTechEmail: gns-prod@paloaltonetworks.com
OrgTechRef: https://rdap.arin.net/registry/entity/GNS20-ARIN
OrgAbuseHandle: IPABU42-ARIN
OrgAbuseName: IP Abuse
OrgAbusePhone: +1-408-753-4000
OrgAbuseEmail: dl-ipabuse@paloaltonetworks.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/IPABU42-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 205.169.39.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44363
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;205.169.39.3. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026062000 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 20 22:31:18 CST 2026
;; MSG SIZE rcvd: 105Host 3.39.169.205.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 3.39.169.205.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 201.161.58.200 | attack | 2020-01-01T07:47:11.681839-07:00 suse-nuc sshd[7771]: Invalid user karolien from 201.161.58.200 port 45124 ... |
2020-01-02 03:06:44 |
| 182.61.42.224 | attack | Jan 1 15:24:19 vps46666688 sshd[12357]: Failed password for root from 182.61.42.224 port 59428 ssh2 Jan 1 15:32:33 vps46666688 sshd[12410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.42.224 ... |
2020-01-02 03:21:45 |
| 128.199.233.188 | attackbotsspam | 2020-01-01T14:41:18.955370abusebot-3.cloudsearch.cf sshd[20783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.233.188 user=root 2020-01-01T14:41:21.162453abusebot-3.cloudsearch.cf sshd[20783]: Failed password for root from 128.199.233.188 port 38690 ssh2 2020-01-01T14:44:51.143994abusebot-3.cloudsearch.cf sshd[20995]: Invalid user occ0724 from 128.199.233.188 port 39512 2020-01-01T14:44:51.158202abusebot-3.cloudsearch.cf sshd[20995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.233.188 2020-01-01T14:44:51.143994abusebot-3.cloudsearch.cf sshd[20995]: Invalid user occ0724 from 128.199.233.188 port 39512 2020-01-01T14:44:52.938906abusebot-3.cloudsearch.cf sshd[20995]: Failed password for invalid user occ0724 from 128.199.233.188 port 39512 ssh2 2020-01-01T14:47:42.404465abusebot-3.cloudsearch.cf sshd[21140]: Invalid user admin from 128.199.233.188 port 37296 ... |
2020-01-02 02:49:01 |
| 79.59.247.163 | attack | Dec 31 08:45:21 cumulus sshd[24721]: Invalid user rpc from 79.59.247.163 port 61817 Dec 31 08:45:21 cumulus sshd[24721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.59.247.163 Dec 31 08:45:23 cumulus sshd[24721]: Failed password for invalid user rpc from 79.59.247.163 port 61817 ssh2 Dec 31 08:45:23 cumulus sshd[24721]: Received disconnect from 79.59.247.163 port 61817:11: Bye Bye [preauth] Dec 31 08:45:23 cumulus sshd[24721]: Disconnected from 79.59.247.163 port 61817 [preauth] Dec 31 09:08:27 cumulus sshd[25442]: Invalid user comforts from 79.59.247.163 port 52434 Dec 31 09:08:27 cumulus sshd[25442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.59.247.163 Dec 31 09:08:30 cumulus sshd[25442]: Failed password for invalid user comforts from 79.59.247.163 port 52434 ssh2 Dec 31 09:08:30 cumulus sshd[25442]: Received disconnect from 79.59.247.163 port 52434:11: Bye Bye [preauth] De........ ------------------------------- |
2020-01-02 02:53:41 |
| 173.219.87.131 | attack | Jan 1 17:27:45 srv206 sshd[7926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.219.87.131 user=root Jan 1 17:27:47 srv206 sshd[7926]: Failed password for root from 173.219.87.131 port 42875 ssh2 ... |
2020-01-02 02:57:52 |
| 20.39.232.37 | attackspambots | "Test Inject ma'a=0" |
2020-01-02 03:14:57 |
| 60.191.82.80 | attack | Jan 1 09:11:48 penfold sshd[32447]: Invalid user kuxhausen from 60.191.82.80 port 40644 Jan 1 09:11:48 penfold sshd[32447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.82.80 Jan 1 09:11:50 penfold sshd[32447]: Failed password for invalid user kuxhausen from 60.191.82.80 port 40644 ssh2 Jan 1 09:11:50 penfold sshd[32447]: Received disconnect from 60.191.82.80 port 40644:11: Bye Bye [preauth] Jan 1 09:11:50 penfold sshd[32447]: Disconnected from 60.191.82.80 port 40644 [preauth] Jan 1 09:27:38 penfold sshd[601]: Invalid user boogie from 60.191.82.80 port 46786 Jan 1 09:27:38 penfold sshd[601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.82.80 Jan 1 09:27:40 penfold sshd[601]: Failed password for invalid user boogie from 60.191.82.80 port 46786 ssh2 Jan 1 09:27:40 penfold sshd[601]: Received disconnect from 60.191.82.80 port 46786:11: Bye Bye [preauth] Jan 1 09........ ------------------------------- |
2020-01-02 03:15:54 |
| 193.31.24.113 | attack | 01/01/2020-20:05:03.000426 193.31.24.113 Protocol: 17 ET INFO Session Traversal Utilities for NAT (STUN Binding Request) |
2020-01-02 03:11:23 |
| 185.126.217.121 | attackspam | Jan 1 18:44:49 MK-Soft-VM7 sshd[20620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.126.217.121 Jan 1 18:44:50 MK-Soft-VM7 sshd[20620]: Failed password for invalid user jama from 185.126.217.121 port 44818 ssh2 ... |
2020-01-02 02:55:57 |
| 106.51.137.113 | attackbotsspam | Jan 1 17:37:27 server sshd\[23984\]: Invalid user nfs from 106.51.137.113 Jan 1 17:37:27 server sshd\[23984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.137.113 Jan 1 17:37:29 server sshd\[23984\]: Failed password for invalid user nfs from 106.51.137.113 port 34554 ssh2 Jan 1 17:47:37 server sshd\[26053\]: Invalid user nfs from 106.51.137.113 Jan 1 17:47:37 server sshd\[26053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.137.113 ... |
2020-01-02 02:52:28 |
| 222.186.173.142 | attack | Jan 1 20:03:37 icinga sshd[3265]: Failed password for root from 222.186.173.142 port 44688 ssh2 Jan 1 20:03:50 icinga sshd[3265]: error: maximum authentication attempts exceeded for root from 222.186.173.142 port 44688 ssh2 [preauth] ... |
2020-01-02 03:05:11 |
| 206.189.239.103 | attackbots | Jan 1 18:24:22 cavern sshd[10794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.239.103 |
2020-01-02 02:47:35 |
| 95.10.58.97 | attackbots | Automatic report - Port Scan Attack |
2020-01-02 03:18:06 |
| 114.67.70.94 | attack | Jan 1 14:43:33 powerpi2 sshd[21713]: Invalid user sabalini from 114.67.70.94 port 53318 Jan 1 14:43:36 powerpi2 sshd[21713]: Failed password for invalid user sabalini from 114.67.70.94 port 53318 ssh2 Jan 1 14:47:35 powerpi2 sshd[21913]: Invalid user egg from 114.67.70.94 port 45172 ... |
2020-01-02 02:53:09 |
| 151.80.42.234 | attack | Jan 1 19:42:02 haigwepa sshd[19477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.42.234 Jan 1 19:42:03 haigwepa sshd[19477]: Failed password for invalid user smmsp from 151.80.42.234 port 38990 ssh2 ... |
2020-01-02 02:43:27 |