City: Havana
Region: La Habana
Country: Cuba
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 152.206.0.0 - 152.206.255.255
CIDR: 152.206.0.0/16
NetName: LACNIC-ERX-152-206-0-0
NetHandle: NET-152-206-0-0-1
Parent: NET152 (NET-152-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/152.206.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2026-04-16 18:00:03 (-03 -03:00)
inetnum: 152.206.0.0/15
status: allocated
aut-num: AS27725
owner: Empresa de Telecomunicaciones de Cuba, S.A.
ownerid: CU-ETCS-LACNIC
responsible: Daniel Ramos Fernandez
address: 3ra Ave Edificio Beigin, Oficina 507, Miramar Trade Center, entre 76 y 78 Reparto Miramar, Playa., 507, -
address: 10100 - La Habana - CU
country: CU
phone: +53 52883033 [0000]
owner-c: DRF13
tech-c: SYA8
abuse-c: DRF13
inetrev: 152.207.0.0/16
nserver: NS3.ETECSA.NET
nsstat: 20260413 AA
nslastaa: 20260413
nserver: NS4.ETECSA.NET
nsstat: 20260413 AA
nslastaa: 20260413
nserver: NS5.ETECSA.NET
nsstat: 20260413 AA
nslastaa: 20260413
inetrev: 152.206.0.0/16
nserver: NS3.ETECSA.NET
nsstat: 20260409 AA
nslastaa: 20260409
nserver: NS4.ETECSA.NET
nsstat: 20260409 AA
nslastaa: 20260409
nserver: NS5.ETECSA.NET
nsstat: 20260409 AA
nslastaa: 20260409
created: 20140604
changed: 20170510
nic-hdl: DRF13
person: Daniel Ramos Fernández
e-mail: daniel.ramos@etecsa.cu
address: Santiago, 2310, -
address: - - La Habana -
country: CU
phone: +53 52883033 [0000]
created: 20170427
changed: 20240220; <<>> DiG 9.10.3-P4-Ubuntu <<>> 152.206.119.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;152.206.119.39. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026041602 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 05:00:04 CST 2026
;; MSG SIZE rcvd: 10739.119.206.152.in-addr.arpa domain name pointer srv39119-206152.vps.etecsa.cu.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
39.119.206.152.in-addr.arpa name = srv39119-206152.vps.etecsa.cu.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 192.241.234.246 | attackbots | Port scan: Attack repeated for 24 hours |
2020-08-01 14:49:59 |
| 14.29.89.15 | attackspambots | Aug 1 08:21:29 marvibiene sshd[7096]: Failed password for root from 14.29.89.15 port 33314 ssh2 Aug 1 08:26:45 marvibiene sshd[7642]: Failed password for root from 14.29.89.15 port 33624 ssh2 |
2020-08-01 15:09:47 |
| 222.186.190.14 | attackbotsspam | Aug 1 08:59:54 piServer sshd[7221]: Failed password for root from 222.186.190.14 port 49366 ssh2 Aug 1 08:59:57 piServer sshd[7221]: Failed password for root from 222.186.190.14 port 49366 ssh2 Aug 1 09:00:01 piServer sshd[7221]: Failed password for root from 222.186.190.14 port 49366 ssh2 ... |
2020-08-01 15:10:58 |
| 200.193.220.6 | attackbots | Aug 01 01:30:31 askasleikir sshd[13520]: Failed password for root from 200.193.220.6 port 42574 ssh2 Aug 01 01:41:59 askasleikir sshd[13549]: Failed password for root from 200.193.220.6 port 49896 ssh2 Aug 01 01:36:48 askasleikir sshd[13535]: Failed password for root from 200.193.220.6 port 37974 ssh2 |
2020-08-01 15:03:31 |
| 221.209.17.222 | attackbots | Aug 1 06:31:38 eventyay sshd[3858]: Failed password for root from 221.209.17.222 port 16357 ssh2 Aug 1 06:36:27 eventyay sshd[4064]: Failed password for root from 221.209.17.222 port 47618 ssh2 ... |
2020-08-01 15:00:43 |
| 222.186.42.155 | attack | 2020-08-01T07:21:12.427827shield sshd\[26589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-08-01T07:21:14.054239shield sshd\[26589\]: Failed password for root from 222.186.42.155 port 11584 ssh2 2020-08-01T07:21:20.830777shield sshd\[26589\]: Failed password for root from 222.186.42.155 port 11584 ssh2 2020-08-01T07:21:23.466126shield sshd\[26589\]: Failed password for root from 222.186.42.155 port 11584 ssh2 2020-08-01T07:21:38.738555shield sshd\[26723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root |
2020-08-01 15:23:44 |
| 175.139.1.34 | attack | 2020-07-31T07:49:27.604864hostname sshd[30857]: Failed password for root from 175.139.1.34 port 45078 ssh2 ... |
2020-08-01 15:28:31 |
| 37.49.224.156 | attackbotsspam | SSH Brute Force |
2020-08-01 15:15:08 |
| 218.92.0.221 | attackspambots | 2020-08-01T10:17:53.396578lavrinenko.info sshd[16438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root 2020-08-01T10:17:55.369162lavrinenko.info sshd[16438]: Failed password for root from 218.92.0.221 port 40552 ssh2 2020-08-01T10:17:53.396578lavrinenko.info sshd[16438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root 2020-08-01T10:17:55.369162lavrinenko.info sshd[16438]: Failed password for root from 218.92.0.221 port 40552 ssh2 2020-08-01T10:17:57.189793lavrinenko.info sshd[16438]: Failed password for root from 218.92.0.221 port 40552 ssh2 ... |
2020-08-01 15:25:22 |
| 222.186.15.246 | attack | Aug 1 09:19:05 vps sshd[957728]: Failed password for root from 222.186.15.246 port 18692 ssh2 Aug 1 09:19:08 vps sshd[957728]: Failed password for root from 222.186.15.246 port 18692 ssh2 Aug 1 09:19:10 vps sshd[957728]: Failed password for root from 222.186.15.246 port 18692 ssh2 Aug 1 09:19:52 vps sshd[960326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.246 user=root Aug 1 09:19:54 vps sshd[960326]: Failed password for root from 222.186.15.246 port 53969 ssh2 ... |
2020-08-01 15:21:31 |
| 68.41.142.120 | attackbots | Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-01T03:46:12Z and 2020-08-01T03:54:20Z |
2020-08-01 14:59:05 |
| 112.85.42.189 | attackbotsspam | 2020-08-01T03:15:38.650782uwu-server sshd[833292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.189 user=root 2020-08-01T03:15:40.758004uwu-server sshd[833292]: Failed password for root from 112.85.42.189 port 52231 ssh2 2020-08-01T03:15:38.650782uwu-server sshd[833292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.189 user=root 2020-08-01T03:15:40.758004uwu-server sshd[833292]: Failed password for root from 112.85.42.189 port 52231 ssh2 2020-08-01T03:15:44.243013uwu-server sshd[833292]: Failed password for root from 112.85.42.189 port 52231 ssh2 ... |
2020-08-01 15:21:11 |
| 31.207.36.51 | attackbots | Attempt to hack Wordpress Login, XMLRPC or other login |
2020-08-01 15:11:59 |
| 124.158.164.146 | attackspam | Invalid user guolijun from 124.158.164.146 port 60634 |
2020-08-01 14:48:49 |
| 208.100.26.241 | attackspambots | Aug 1 08:55:51 debian-2gb-nbg1-2 kernel: \[18523432.953348\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=208.100.26.241 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=65153 PROTO=TCP SPT=41637 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-08-01 15:01:36 |