City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 64.139.0.0 - 64.139.63.255
CIDR: 64.139.0.0/18
NetName: MEGAPATH-BLK-7
NetHandle: NET-64-139-0-0-1
Parent: NET64 (NET-64-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: GTT Americas, LLC (GAL-104)
RegDate: 2000-08-03
Updated: 2025-05-07
Ref: https://rdap.arin.net/registry/ip/64.139.0.0
OrgName: GTT Americas, LLC
OrgId: GAL-104
Address: 4201 Wilson Blvd -Suite 504
City: Arlington
StateProv: VA
PostalCode: 22203
Country: US
RegDate: 2025-02-11
Updated: 2025-07-08
Ref: https://rdap.arin.net/registry/entity/GAL-104
OrgTechHandle: AS3251-ARIN
OrgTechName: AS3257 Netguard
OrgTechPhone: +49 69 48007422
OrgTechEmail: netguard@gtt.net
OrgTechRef: https://rdap.arin.net/registry/entity/AS3251-ARIN
OrgTechHandle: GLD5-ARIN
OrgTechName: GTT Legal Departement
OrgTechPhone: +359886606
OrgTechEmail: alexander.mutafchiyski@gtt.net
OrgTechRef: https://rdap.arin.net/registry/entity/GLD5-ARIN
OrgTechHandle: GIT5-ARIN
OrgTechName: GTT IPAM Team
OrgTechPhone: +1-703-442-5500
OrgTechEmail: netguard@gtt.net
OrgTechRef: https://rdap.arin.net/registry/entity/GIT5-ARIN
OrgAbuseHandle: GAD46-ARIN
OrgAbuseName: GTT Abuse Department
OrgAbusePhone: +1-703-442-5500
OrgAbuseEmail: abuse@gtt.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/GAD46-ARIN
OrgNOCHandle: GNOC16-ARIN
OrgNOCName: GTT Network Operations Center
OrgNOCPhone: +1-703-442-5500
OrgNOCEmail: noc@gtt.net
OrgNOCRef: https://rdap.arin.net/registry/entity/GNOC16-ARIN
# end
# start
NetRange: 64.139.13.0 - 64.139.13.255
CIDR: 64.139.13.0/24
NetName: GTT-ARISK-NET
NetHandle: NET-64-139-13-0-1
Parent: MEGAPATH-BLK-7 (NET-64-139-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Arisk Communications inc. (AC-5396)
RegDate: 2025-10-27
Updated: 2025-10-27
Ref: https://rdap.arin.net/registry/ip/64.139.13.0
OrgName: Arisk Communications inc.
OrgId: AC-5396
Address: 350 NORTHERN BLVD STE 324 -1331 ALBANY NY 12204-1000
City: ALBANY
StateProv: NY
PostalCode: 12204
Country: US
RegDate: 2024-06-28
Updated: 2024-07-03
Ref: https://rdap.arin.net/registry/entity/AC-5396
ReferralServer: rwhois://rwhois.ariskisp.com:4321
OrgTechHandle: WILSO1903-ARIN
OrgTechName: Wilson
OrgTechPhone: +1-518-512-9230
OrgTechEmail: support@ariskisp.com
OrgTechRef: https://rdap.arin.net/registry/entity/WILSO1903-ARIN
OrgAbuseHandle: WILSO1903-ARIN
OrgAbuseName: Wilson
OrgAbusePhone: +1-518-512-9230
OrgAbuseEmail: support@ariskisp.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/WILSO1903-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to rwhois.ariskisp.com:4321.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.139.13.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52991
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;64.139.13.126. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025110901 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 10 09:14:44 CST 2025
;; MSG SIZE rcvd: 106126.13.139.64.in-addr.arpa domain name pointer ip-64-139-13-126.dsl.sca.megapath.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
126.13.139.64.in-addr.arpa name = ip-64-139-13-126.dsl.sca.megapath.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 54.39.168.54 | attack | (sshd) Failed SSH login from 54.39.168.54 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 06:30:29 server sshd[2184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.168.54 user=root Oct 5 06:30:31 server sshd[2184]: Failed password for root from 54.39.168.54 port 39064 ssh2 Oct 5 06:38:01 server sshd[4083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.168.54 user=root Oct 5 06:38:03 server sshd[4083]: Failed password for root from 54.39.168.54 port 60870 ssh2 Oct 5 06:41:30 server sshd[5000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.168.54 user=root |
2020-10-06 07:48:00 |
| 189.56.198.214 | attackspam | Attempted Brute Force (dovecot) |
2020-10-06 08:11:15 |
| 62.212.235.246 | attack | Automatic report - Port Scan Attack |
2020-10-06 07:51:23 |
| 179.113.50.141 | attack | Bruteforce detected by fail2ban |
2020-10-06 07:52:55 |
| 103.223.9.109 | attack | Threat Management Alert 2: Attempted Information Leak. Signature ET EXPLOIT Netgear DGN Remote Command Execution. From: 103.223.9.109:10961, to: 192.168.31.48:80, protocol: TCP |
2020-10-06 08:08:00 |
| 157.92.49.151 | attackbots | Oct 5 23:57:24 db sshd[26802]: User root from 157.92.49.151 not allowed because none of user's groups are listed in AllowGroups ... |
2020-10-06 07:46:37 |
| 177.126.130.112 | attackspam | Oct 5 20:39:20 vpn01 sshd[7840]: Failed password for root from 177.126.130.112 port 59372 ssh2 ... |
2020-10-06 08:10:47 |
| 202.29.51.28 | attackbots | 2020-10-05T19:06:46.763340morrigan.ad5gb.com sshd[1595700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.51.28 user=root 2020-10-05T19:06:48.516931morrigan.ad5gb.com sshd[1595700]: Failed password for root from 202.29.51.28 port 57161 ssh2 |
2020-10-06 08:18:03 |
| 114.119.145.237 | attackspam | $f2bV_matches |
2020-10-06 07:57:38 |
| 51.15.17.226 | attackspam | Oct 5 22:18:20 roki sshd[31959]: refused connect from 51.15.17.226 (51.15.17.226) Oct 5 22:19:27 roki sshd[32036]: refused connect from 51.15.17.226 (51.15.17.226) Oct 5 22:20:06 roki sshd[32101]: refused connect from 51.15.17.226 (51.15.17.226) Oct 5 22:20:45 roki sshd[32159]: refused connect from 51.15.17.226 (51.15.17.226) Oct 5 22:21:26 roki sshd[32204]: refused connect from 51.15.17.226 (51.15.17.226) ... |
2020-10-06 08:19:59 |
| 212.83.181.11 | attackbots | Port scan denied |
2020-10-06 07:55:44 |
| 146.0.41.70 | attackbotsspam | Oct 6 00:22:14 ovpn sshd\[4938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 user=root Oct 6 00:22:16 ovpn sshd\[4938\]: Failed password for root from 146.0.41.70 port 46266 ssh2 Oct 6 00:34:29 ovpn sshd\[7996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 user=root Oct 6 00:34:31 ovpn sshd\[7996\]: Failed password for root from 146.0.41.70 port 56020 ssh2 Oct 6 00:37:58 ovpn sshd\[8886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 user=root |
2020-10-06 07:56:15 |
| 179.43.149.143 | attack | Oct 5 22:24:26 vmd26974 sshd[835]: Failed password for root from 179.43.149.143 port 47682 ssh2 ... |
2020-10-06 08:19:18 |
| 104.248.119.129 | attackspambots | Oct 6 01:44:05 ip106 sshd[26162]: Failed password for root from 104.248.119.129 port 60850 ssh2 ... |
2020-10-06 08:08:43 |
| 119.45.199.253 | attackspam | Oct 5 19:38:04 vps46666688 sshd[24521]: Failed password for root from 119.45.199.253 port 58282 ssh2 ... |
2020-10-06 08:07:04 |