City: unknown
Region: unknown
Country: United States
Internet Service Provider: RTC Communications LLC
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 208.132.128.0 - 208.138.15.255
CIDR: 208.138.0.0/20, 208.136.0.0/15, 208.134.0.0/15, 208.133.0.0/16, 208.132.128.0/17
NetName: CENTURYLINK-LEGACY-SAVVIS-BLK93
NetHandle: NET-208-132-128-0-1
Parent: NET208 (NET-208-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: CenturyLink Communications, LLC (CCL-534)
RegDate: 1996-03-27
Updated: 2018-11-15
Ref: https://rdap.arin.net/registry/ip/208.132.128.0
OrgName: CenturyLink Communications, LLC
OrgId: CCL-534
Address: 100 CENTURYLINK DR
City: Monroe
StateProv: LA
PostalCode: 71201
Country: US
RegDate: 2018-07-12
Updated: 2024-06-17
Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: ADDRESSES COVERED BY THIS ORG-ID ARE NON-PORTABLE ANY ISP ANNOUNCING OR TRANSITING PORTIONS WITHIN OUR RANGES SHOULD NOT RELY ON PRESENTED LOA'S OR OLD WHOIS UNLESS THOSE RANGES ARE ALSO ACTIVELY DIRECTLY ANNOUNCED TO A LUMEN ASN. WITH ALL LOA'S THESE CONDITIONS APPLY:
Comment:
Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
Comment:
Comment: For abuse issues, please email abuse@aup.lumen.com
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/CCL-534
OrgRoutingHandle: RPKIR-ARIN
OrgRoutingName: RPKI-ROA
OrgRoutingPhone: +1-877-886-6515
OrgRoutingEmail: rpki-roa@lumen.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/RPKIR-ARIN
OrgTechHandle: QIA-ARIN
OrgTechName: Centurylink IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@centurylink.com
OrgTechRef: https://rdap.arin.net/registry/entity/QIA-ARIN
OrgAbuseHandle: CAD54-ARIN
OrgAbuseName: Centurylink Abuse Desk
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@aup.lumen.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/CAD54-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 208.137.20.190
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42158
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;208.137.20.190. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025111000 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 10 23:57:46 CST 2025
;; MSG SIZE rcvd: 107Host 190.20.137.208.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 190.20.137.208.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 204.48.21.47 | attackspambots | WordPress login Brute force / Web App Attack on client site. |
2019-11-22 03:41:07 |
| 217.182.74.125 | attack | Nov 21 08:28:38 tdfoods sshd\[21906\]: Invalid user julia2695 from 217.182.74.125 Nov 21 08:28:38 tdfoods sshd\[21906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.ip-217-182-74.eu Nov 21 08:28:40 tdfoods sshd\[21906\]: Failed password for invalid user julia2695 from 217.182.74.125 port 33726 ssh2 Nov 21 08:32:24 tdfoods sshd\[22170\]: Invalid user test from 217.182.74.125 Nov 21 08:32:24 tdfoods sshd\[22170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.ip-217-182-74.eu |
2019-11-22 03:34:33 |
| 88.10.1.12 | attackspam | Attempt to attack host OS, exploiting network vulnerabilities, on 21-11-2019 14:50:33. |
2019-11-22 03:19:58 |
| 118.193.31.180 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-11-22 03:01:14 |
| 185.143.223.184 | attack | 185.143.223.184 was recorded 12 times by 3 hosts attempting to connect to the following ports: 38396,38176,38357,38373,38790,38655,38613,38507,38415,38372,38594. Incident counter (4h, 24h, all-time): 12, 71, 198 |
2019-11-22 03:11:53 |
| 183.167.196.65 | attackspam | Nov 21 16:53:53 vps666546 sshd\[11788\]: Invalid user deeney from 183.167.196.65 port 48552 Nov 21 16:53:53 vps666546 sshd\[11788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.167.196.65 Nov 21 16:53:55 vps666546 sshd\[11788\]: Failed password for invalid user deeney from 183.167.196.65 port 48552 ssh2 Nov 21 16:58:45 vps666546 sshd\[12016\]: Invalid user server from 183.167.196.65 port 54620 Nov 21 16:58:45 vps666546 sshd\[12016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.167.196.65 ... |
2019-11-22 03:38:15 |
| 128.74.110.21 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 21-11-2019 14:50:25. |
2019-11-22 03:33:06 |
| 177.132.62.77 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 21-11-2019 14:50:26. |
2019-11-22 03:31:12 |
| 85.25.246.122 | attack | Invalid user Njoseg from 85.25.246.122 port 30472 |
2019-11-22 03:12:57 |
| 129.226.188.41 | attack | Lines containing failures of 129.226.188.41 Nov 20 19:40:54 shared12 sshd[14274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.188.41 user=games Nov 20 19:40:56 shared12 sshd[14274]: Failed password for games from 129.226.188.41 port 41330 ssh2 Nov 20 19:40:56 shared12 sshd[14274]: Received disconnect from 129.226.188.41 port 41330:11: Bye Bye [preauth] Nov 20 19:40:56 shared12 sshd[14274]: Disconnected from authenticating user games 129.226.188.41 port 41330 [preauth] Nov 20 19:59:34 shared12 sshd[19594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.188.41 user=r.r Nov 20 19:59:37 shared12 sshd[19594]: Failed password for r.r from 129.226.188.41 port 43976 ssh2 Nov 20 19:59:38 shared12 sshd[19594]: Received disconnect from 129.226.188.41 port 43976:11: Bye Bye [preauth] Nov 20 19:59:38 shared12 sshd[19594]: Disconnected from authenticating user r.r 129.226.188.41 port........ ------------------------------ |
2019-11-22 03:15:54 |
| 62.80.177.69 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 21-11-2019 14:50:33. |
2019-11-22 03:20:12 |
| 219.142.140.2 | attackspambots | Nov 21 19:29:22 * sshd[9844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.142.140.2 Nov 21 19:29:24 * sshd[9844]: Failed password for invalid user Piritta from 219.142.140.2 port 55378 ssh2 |
2019-11-22 03:13:09 |
| 185.234.217.182 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-11-22 03:35:05 |
| 89.35.39.60 | attackspam | AbusiveCrawling |
2019-11-22 03:06:08 |
| 193.32.163.44 | attack | 2019-11-21T19:26:32.952666+01:00 lumpi kernel: [4183158.928078] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=193.32.163.44 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=44344 PROTO=TCP SPT=56073 DPT=3392 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-11-22 03:37:33 |