Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: San Jose

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Make a comment on this IP
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       2602:FEDA:: - 2602:FEDA:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
CIDR:           2602:FEDA::/32
NetName:        NATOLAB-NET6
NetHandle:      NET6-2602-FEDA-1
Parent:         NET6-2600 (NET6-2600-1)
NetType:        Direct Allocation
OriginAS:       
Organization:   Black Mesa Corporation (NRL-25)
RegDate:        2017-06-09
Updated:        2021-09-07
Ref:            https://rdap.arin.net/registry/ip/2602:FEDA::


OrgName:        Black Mesa Corporation
OrgId:          NRL-25
Address:        720 University Ave
Address:        PO Box 35765
City:           Syracuse
StateProv:      NY
PostalCode:     13235
Country:        US
RegDate:        2017-04-24
Updated:        2024-11-04
Comment:        ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comment:        + Black Mesa Corporation
Comment:        + 
Comment:        + Black Mesa Corporation, a.k.a. Nato Internet Service is a
Comment:        + non-profit project for learning, education and research.
Comment:        +
Comment:        + Our goal is to support the ever-growing internet community
Comment:        + that wants to experiment and gain hands-on experience with
Comment:        + the real world BGP.
Comment:        +
Comment:        + Network Information:
Comment:        + https://internet.nat.moe
Comment:        ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Ref:            https://rdap.arin.net/registry/entity/NRL-25

ReferralServer:  rwhois://whois.nat.moe:43

OrgTechHandle: NLN2-ARIN
OrgTechName:   Nato Laboratory Networking
OrgTechPhone:  +1-315-744-5708 
OrgTechEmail:  noc@nat.moe
OrgTechRef:    https://rdap.arin.net/registry/entity/NLN2-ARIN

OrgAbuseHandle: NLN2-ARIN
OrgAbuseName:   Nato Laboratory Networking
OrgAbusePhone:  +1-315-744-5708 
OrgAbuseEmail:  noc@nat.moe
OrgAbuseRef:    https://rdap.arin.net/registry/entity/NLN2-ARIN

OrgTechHandle: LEETO56-ARIN
OrgTechName:   Lee, Tony 
OrgTechPhone:  +1-971-482-5107 
OrgTechEmail:  tony@apernet.io
OrgTechRef:    https://rdap.arin.net/registry/entity/LEETO56-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.nat.moe:43.

% [whois.nat.moe]
% This is the NIS Database query service.
% The objects are in RPSL format.

inet6num:   2602:feda::/32
netname:    NIS-FEDA
descr:      Nato Internet Service
remarks:    -------------------------------------------------------------------
remarks:    IP addresses from this network are further allocated or assigned
remarks:    to customers.
remarks:    
remarks:    To report abuse, you may contact abuse@nat.moe directly, but you
remarks:    are encouraged to contact the "OrgAbuseEmail" listed in ARIN whois
remarks:    first.
remarks:    
remarks:    Report invalid contact to noc@nat.moe.
remarks:    -------------------------------------------------------------------
country:    US
admin-c:    MM-0
tech-c:     FPT-0
status:     ALLOCATED
mnt-by:     MNT-NIS
changed:    nat@nat.moe 20180101
source:     NIS

person:     Maho Morichika
nic-hdl:    MM-0
address:    PO Box 35765
address:    720 University Ave, Syracuse, NY, 13210
address:    US
phone:      +1 (315) 744-5708
e-mail:     nat@nat.moe
mnt-by:     MNT-NIS
changed:    nat@nat.moe 20170901
source:     NIS

role:       FEDA Project Team
nic-hdl:    FPT-0
address:    PO Box 35765
address:    720 University Ave, Syracuse, NY, 13210
address:    US
phone:      +1 (315) 744-5708
e-mail:     support@apernet.io
mnt-by:     MNT-NIS
changed:    nat@nat.moe 20170901
source:     NIS

% Query done in 0.000288 second(s), result size 1269 byte(s).
% The current server time is 06/20/26 13:14:29 (UTC).
% This query was served by the NIS whoisd (irrd 3.0.9rc2).
Dig info:
b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2602:feda:30:ae86:2f4:18ff:fe31:31a1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 37527
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2602:feda:30:ae86:2f4:18ff:fe31:31a1. IN A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 20 21:20:18 CST 2026
;; MSG SIZE  rcvd: 65

'
Host info
Host 1.a.1.3.1.3.e.f.f.f.8.1.4.f.2.0.6.8.e.a.0.3.0.0.a.d.e.f.2.0.6.2.ip6.arpa not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.a.1.3.1.3.e.f.f.f.8.1.4.f.2.0.6.8.e.a.0.3.0.0.a.d.e.f.2.0.6.2.ip6.arpa: NXDOMAIN
Related comments:
IP Type Details Datetime
159.89.53.183 attackbots 
Oct  6 08:38:06 serwer sshd\[12660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.53.183  user=root
Oct  6 08:38:08 serwer sshd\[12660\]: Failed password for root from 159.89.53.183 port 36884 ssh2
Oct  6 08:43:28 serwer sshd\[13418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.53.183  user=root
...
 2020-10-06 15:10:44
186.170.28.46 attack 
Oct  6 08:03:05 sshgateway sshd\[26308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.170.28.46  user=root
Oct  6 08:03:07 sshgateway sshd\[26308\]: Failed password for root from 186.170.28.46 port 40687 ssh2
Oct  6 08:12:25 sshgateway sshd\[26402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.170.28.46  user=root
 2020-10-06 14:42:11
74.120.14.67 attack 
Port scan: Attack repeated for 24 hours
 2020-10-06 14:38:22
140.143.24.46 attack 
SSH login attempts.
 2020-10-06 14:56:07
108.188.199.237 attackspambots 
Automatic report - Banned IP Access
 2020-10-06 14:37:20
27.157.90.107 attackspam 
Oct  5 23:08:22 srv01 postfix/smtpd\[12943\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:06 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:18 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:34 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:52 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
 2020-10-06 15:00:31
49.233.130.95 attack 
Oct  6 05:51:19 localhost sshd\[15235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.130.95  user=root
Oct  6 05:51:21 localhost sshd\[15235\]: Failed password for root from 49.233.130.95 port 32920 ssh2
Oct  6 05:54:37 localhost sshd\[15299\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.130.95  user=root
Oct  6 05:54:39 localhost sshd\[15299\]: Failed password for root from 49.233.130.95 port 50012 ssh2
Oct  6 05:57:44 localhost sshd\[15539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.130.95  user=root
...
 2020-10-06 14:29:51
112.238.172.163 attackbots 
IP 112.238.172.163 attacked honeypot on port: 2323 at 10/5/2020 1:41:04 PM
 2020-10-06 15:07:49
162.142.125.22 attack 
 TCP (SYN) 162.142.125.22:52573 -> port 11211, len 44
 2020-10-06 14:40:16
51.178.83.124 attackspam 
Invalid user solaris from 51.178.83.124 port 47298
 2020-10-06 14:41:48
109.72.192.78 attackspambots 
Attempted Brute Force (dovecot)
 2020-10-06 14:47:14
139.5.253.131 attackbots 
Port Scan: TCP/443
 2020-10-06 14:29:08
146.56.220.95 attack 
Oct  5 15:30:25 our-server-hostname sshd[18496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.56.220.95  user=r.r
Oct  5 15:30:27 our-server-hostname sshd[18496]: Failed password for r.r from 146.56.220.95 port 60900 ssh2
Oct  5 15:34:08 our-server-hostname sshd[18946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.56.220.95  user=r.r
Oct  5 15:34:10 our-server-hostname sshd[18946]: Failed password for r.r from 146.56.220.95 port 41716 ssh2
Oct  5 15:40:04 our-server-hostname sshd[19776]: Did not receive identification string from 146.56.220.95
Oct  5 15:43:02 our-server-hostname sshd[19989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.56.220.95  user=r.r
Oct  5 15:43:04 our-server-hostname sshd[19989]: Failed password for r.r from 146.56.220.95 port 40988 ssh2
Oct  5 15:45:47 our-server-hostname sshd[20265]: pam_unix(sshd:auth): a........
-------------------------------
 2020-10-06 14:58:07
166.175.61.228 attackspambots 
Brute forcing email accounts
 2020-10-06 15:08:57
35.229.26.153 attackbots 
[f2b] sshd bruteforce, retries: 1
 2020-10-06 14:44:10

Recently Reported IPs

2606:4700:10::6816:1452 204.76.203.36 110.77.187.157 20.221.66.142
110.78.138.223 217.60.195.184 2606:4700:10::6814:7669 202.160.86.0
92.112.253.97 146.148.5.239 2606:4700:10::6814:8618 4.145.79.81
4.145.79.82 192.168.42.1 192.168.1.42 34.118.92.152
205.169.39.3 120.229.98.153 2606:4700:10::6814:5528 47.89.13.120