City: Bellingham
Region: Washington
Country: United States
Internet Service Provider: RTC Communications LLC
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 65.100.0.0 - 65.103.255.255
CIDR: 65.100.0.0/14
NetName: CENTURYLINK-LEGACY-QWEST-INET-115
NetHandle: NET-65-100-0-0-1
Parent: NET65 (NET-65-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: CenturyLink Communications, LLC (CCL-534)
RegDate: 2001-01-03
Updated: 2018-02-21
Ref: https://rdap.arin.net/registry/ip/65.100.0.0
OrgName: CenturyLink Communications, LLC
OrgId: CCL-534
Address: 100 CENTURYLINK DR
City: Monroe
StateProv: LA
PostalCode: 71201
Country: US
RegDate: 2018-07-12
Updated: 2024-06-17
Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: ADDRESSES COVERED BY THIS ORG-ID ARE NON-PORTABLE ANY ISP ANNOUNCING OR TRANSITING PORTIONS WITHIN OUR RANGES SHOULD NOT RELY ON PRESENTED LOA'S OR OLD WHOIS UNLESS THOSE RANGES ARE ALSO ACTIVELY DIRECTLY ANNOUNCED TO A LUMEN ASN. WITH ALL LOA'S THESE CONDITIONS APPLY:
Comment:
Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
Comment:
Comment: For abuse issues, please email abuse@aup.lumen.com
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/CCL-534
OrgRoutingHandle: RPKIR-ARIN
OrgRoutingName: RPKI-ROA
OrgRoutingPhone: +1-877-886-6515
OrgRoutingEmail: rpki-roa@lumen.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/RPKIR-ARIN
OrgAbuseHandle: CAD54-ARIN
OrgAbuseName: Centurylink Abuse Desk
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@aup.lumen.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/CAD54-ARIN
OrgTechHandle: QIA-ARIN
OrgTechName: Centurylink IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@centurylink.com
OrgTechRef: https://rdap.arin.net/registry/entity/QIA-ARIN
# end
# start
NetRange: 65.102.164.8 - 65.102.164.15
CIDR: 65.102.164.8/29
NetName: USW-WIREFINGER
NetHandle: NET-65-102-164-8-1
Parent: CENTURYLINK-LEGACY-QWEST-INET-115 (NET-65-100-0-0-1)
NetType: Reassigned
OriginAS:
Organization: Wirefinger Industries (WIREFI-1)
RegDate: 2001-10-06
Updated: 2001-10-06
Ref: https://rdap.arin.net/registry/ip/65.102.164.8
OrgName: Wirefinger Industries
OrgId: WIREFI-1
Address: 1210 E Denny Way
City: Seattle
StateProv: WA
PostalCode: 98122
Country: US
RegDate: 2001-10-06
Updated: 2011-09-24
Ref: https://rdap.arin.net/registry/entity/WIREFI-1
OrgAbuseHandle: IO-ORG-ARIN
OrgAbuseName: Internet Operations U S WEST
OrgAbusePhone: +1-612-672-8537
OrgAbuseEmail: dns-info@uswest.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/IO-ORG-ARIN
OrgTechHandle: IO-ORG-ARIN
OrgTechName: Internet Operations U S WEST
OrgTechPhone: +1-612-672-8537
OrgTechEmail: dns-info@uswest.net
OrgTechRef: https://rdap.arin.net/registry/entity/IO-ORG-ARIN
RTechHandle: IO-ORG-ARIN
RTechName: Internet Operations U S WEST
RTechPhone: +1-612-672-8537
RTechEmail: dns-info@uswest.net
RTechRef: https://rdap.arin.net/registry/entity/IO-ORG-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.102.164.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58263
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;65.102.164.10. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032601 1800 900 604800 86400
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 27 13:12:01 CST 2026
;; MSG SIZE rcvd: 10610.164.102.65.in-addr.arpa domain name pointer dns2.wirefinger.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
10.164.102.65.in-addr.arpa name = dns2.wirefinger.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.186.31.135 | attackspambots | Feb 24 05:38:20 marvibiene sshd[7042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.135 user=root Feb 24 05:38:23 marvibiene sshd[7042]: Failed password for root from 222.186.31.135 port 16424 ssh2 Feb 24 05:38:24 marvibiene sshd[7042]: Failed password for root from 222.186.31.135 port 16424 ssh2 Feb 24 05:38:20 marvibiene sshd[7042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.135 user=root Feb 24 05:38:23 marvibiene sshd[7042]: Failed password for root from 222.186.31.135 port 16424 ssh2 Feb 24 05:38:24 marvibiene sshd[7042]: Failed password for root from 222.186.31.135 port 16424 ssh2 ... |
2020-02-24 13:46:10 |
| 222.186.31.83 | attack | $f2bV_matches |
2020-02-24 13:41:32 |
| 103.48.180.103 | attackbots | Feb 24 05:59:03 debian-2gb-nbg1-2 kernel: \[4779544.795238\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.48.180.103 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=5856 DF PROTO=TCP SPT=53859 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 |
2020-02-24 13:16:05 |
| 69.10.58.42 | attack | suspicious action Mon, 24 Feb 2020 01:59:20 -0300 |
2020-02-24 13:09:43 |
| 103.139.37.2 | attackbotsspam | DATE:2020-02-24 05:59:12, IP:103.139.37.2, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc) |
2020-02-24 13:13:18 |
| 141.98.10.141 | attackspambots | Feb 24 05:18:21 mail postfix/smtpd\[18461\]: warning: unknown\[141.98.10.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 24 05:24:12 mail postfix/smtpd\[18571\]: warning: unknown\[141.98.10.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 24 05:30:03 mail postfix/smtpd\[18816\]: warning: unknown\[141.98.10.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 24 06:05:05 mail postfix/smtpd\[19378\]: warning: unknown\[141.98.10.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ |
2020-02-24 13:06:53 |
| 36.90.122.217 | attackspam | 1582520320 - 02/24/2020 05:58:40 Host: 36.90.122.217/36.90.122.217 Port: 445 TCP Blocked |
2020-02-24 13:27:45 |
| 111.229.246.61 | attack | (sshd) Failed SSH login from 111.229.246.61 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 24 05:48:10 amsweb01 sshd[20047]: Invalid user reizen from 111.229.246.61 port 52968 Feb 24 05:48:13 amsweb01 sshd[20047]: Failed password for invalid user reizen from 111.229.246.61 port 52968 ssh2 Feb 24 05:53:12 amsweb01 sshd[20481]: Invalid user test from 111.229.246.61 port 51032 Feb 24 05:53:13 amsweb01 sshd[20481]: Failed password for invalid user test from 111.229.246.61 port 51032 ssh2 Feb 24 05:58:49 amsweb01 sshd[20910]: Invalid user reizen.goedkoper from 111.229.246.61 port 49144 |
2020-02-24 13:21:27 |
| 77.40.2.12 | attackbotsspam | failed_logins |
2020-02-24 13:15:20 |
| 208.109.54.191 | attack | suspicious action Mon, 24 Feb 2020 01:58:51 -0300 |
2020-02-24 13:22:34 |
| 47.240.68.252 | attackspam | $f2bV_matches |
2020-02-24 13:47:57 |
| 138.197.105.79 | attackbots | SSH attack |
2020-02-24 13:19:48 |
| 51.83.138.87 | attackspambots | Feb 24 10:19:40 gw1 sshd[3054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.138.87 Feb 24 10:19:42 gw1 sshd[3054]: Failed password for invalid user roger from 51.83.138.87 port 40694 ssh2 ... |
2020-02-24 13:34:14 |
| 171.25.193.25 | attackbotsspam | 02/24/2020-05:57:54.407674 171.25.193.25 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 16 |
2020-02-24 13:49:07 |
| 198.199.113.198 | attack | suspicious action Mon, 24 Feb 2020 01:57:59 -0300 |
2020-02-24 13:47:05 |