City: Guadalajara
Region: Jalisco
Country: Mexico
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 207.248.0.0 - 207.249.255.255
CIDR: 207.248.0.0/15
NetName: LACNIC-207-248-0-0
NetHandle: NET-207-248-0-0-1
Parent: NET207 (NET-207-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2003-05-13
Updated: 2007-12-17
Comment: This IP address range is under LACNIC responsibility for further
Comment: allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details, or check the
Comment: WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/207.248.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2026-04-23 14:35:22 (-03 -03:00)
inetnum: 207.249.224.0/19
status: assigned
aut-num: AS2549
owner: Universidad de Guadalajara
ownerid: MX-UNGU4-LACNIC
responsible: No hay informacion
address: Av. Juárez, 976, Zona Centro
address: 44100 - Guadalajara - ja
country: MX
phone: +52 3331342222 [12204]
owner-c: UNG
tech-c: UNG
abuse-c: UNG
inetrev: 207.249.224.0/19
nserver: LEON.DCA.UDG.MX
nsstat: 20260421 AA
nslastaa: 20260421
nserver: LEON2.NS.UDG.MX
nsstat: 20260421 AA
nslastaa: 20260421
created: 20090122
changed: 20120901
nic-hdl: UNG
person: Universidad de Guadalajara
e-mail: abuse@noc.udg.mx
address: Av. Juarez,, 976, Zona Centro
address: 44100 - Guadalajara - Ja
country: MX
phone: +52 3331342222 [12242]
created: 20040825
changed: 20130731
% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.249.232.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10569
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;207.249.232.48. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026042300 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 24 01:35:22 CST 2026
;; MSG SIZE rcvd: 107b'48.232.249.207.in-addr.arpa domain name pointer 48-232-249-207.net.udg.mx.
'b'48.232.249.207.in-addr.arpa name = 48-232-249-207.net.udg.mx.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 223.171.32.66 | attackbotsspam | 2020-04-12T12:04:41.596183dmca.cloudsearch.cf sshd[19805]: Invalid user ZXC from 223.171.32.66 port 45143 2020-04-12T12:04:41.603320dmca.cloudsearch.cf sshd[19805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.32.66 2020-04-12T12:04:41.596183dmca.cloudsearch.cf sshd[19805]: Invalid user ZXC from 223.171.32.66 port 45143 2020-04-12T12:04:43.379376dmca.cloudsearch.cf sshd[19805]: Failed password for invalid user ZXC from 223.171.32.66 port 45143 ssh2 2020-04-12T12:09:46.949529dmca.cloudsearch.cf sshd[20221]: Invalid user beaubere1 from 223.171.32.66 port 45143 2020-04-12T12:09:46.955399dmca.cloudsearch.cf sshd[20221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.32.66 2020-04-12T12:09:46.949529dmca.cloudsearch.cf sshd[20221]: Invalid user beaubere1 from 223.171.32.66 port 45143 2020-04-12T12:09:48.936998dmca.cloudsearch.cf sshd[20221]: Failed password for invalid user beaubere1 from 223. ... |
2020-04-12 20:31:50 |
| 79.129.250.179 | attackbots | Honeypot attack, port: 81, PTR: athedsl-4459203.home.otenet.gr. |
2020-04-12 20:36:51 |
| 114.67.78.79 | attackspam | (sshd) Failed SSH login from 114.67.78.79 (CN/China/-): 5 in the last 3600 secs |
2020-04-12 20:46:59 |
| 185.202.2.126 | attackspam | Target: RDP [multi-port] [brute-force] |
2020-04-12 20:33:50 |
| 112.85.42.180 | attackspam | Apr 12 14:22:15 * sshd[32085]: Failed password for root from 112.85.42.180 port 44781 ssh2 Apr 12 14:22:28 * sshd[32085]: error: maximum authentication attempts exceeded for root from 112.85.42.180 port 44781 ssh2 [preauth] |
2020-04-12 20:48:49 |
| 104.244.75.191 | attack | Apr 12 14:23:13 rotator sshd\[19413\]: Invalid user ubnt from 104.244.75.191Apr 12 14:23:15 rotator sshd\[19413\]: Failed password for invalid user ubnt from 104.244.75.191 port 33382 ssh2Apr 12 14:23:15 rotator sshd\[19415\]: Invalid user admin from 104.244.75.191Apr 12 14:23:17 rotator sshd\[19415\]: Failed password for invalid user admin from 104.244.75.191 port 35976 ssh2Apr 12 14:23:21 rotator sshd\[19417\]: Failed password for root from 104.244.75.191 port 39162 ssh2Apr 12 14:23:21 rotator sshd\[19419\]: Invalid user guest from 104.244.75.191 ... |
2020-04-12 20:24:49 |
| 222.186.173.154 | attack | Apr 12 14:19:06 srv-ubuntu-dev3 sshd[96658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Apr 12 14:19:08 srv-ubuntu-dev3 sshd[96658]: Failed password for root from 222.186.173.154 port 23186 ssh2 Apr 12 14:19:12 srv-ubuntu-dev3 sshd[96658]: Failed password for root from 222.186.173.154 port 23186 ssh2 Apr 12 14:19:06 srv-ubuntu-dev3 sshd[96658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Apr 12 14:19:08 srv-ubuntu-dev3 sshd[96658]: Failed password for root from 222.186.173.154 port 23186 ssh2 Apr 12 14:19:12 srv-ubuntu-dev3 sshd[96658]: Failed password for root from 222.186.173.154 port 23186 ssh2 Apr 12 14:19:06 srv-ubuntu-dev3 sshd[96658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Apr 12 14:19:08 srv-ubuntu-dev3 sshd[96658]: Failed password for root from 222.186.173.154 p ... |
2020-04-12 20:21:28 |
| 222.186.30.76 | attack | Apr 12 14:51:52 vmd38886 sshd\[29258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 12 14:51:54 vmd38886 sshd\[29258\]: Failed password for root from 222.186.30.76 port 20037 ssh2 Apr 12 14:51:57 vmd38886 sshd\[29258\]: Failed password for root from 222.186.30.76 port 20037 ssh2 |
2020-04-12 20:54:59 |
| 109.99.254.50 | attackbotsspam | Automatic report - Port Scan Attack |
2020-04-12 20:49:20 |
| 58.246.94.230 | attackspam | Apr 12 09:07:56 vps46666688 sshd[1335]: Failed password for root from 58.246.94.230 port 59685 ssh2 ... |
2020-04-12 20:30:21 |
| 222.186.175.182 | attackspambots | Apr 12 14:38:12 eventyay sshd[4602]: Failed password for root from 222.186.175.182 port 61018 ssh2 Apr 12 14:38:21 eventyay sshd[4602]: Failed password for root from 222.186.175.182 port 61018 ssh2 Apr 12 14:38:24 eventyay sshd[4602]: Failed password for root from 222.186.175.182 port 61018 ssh2 Apr 12 14:38:24 eventyay sshd[4602]: error: maximum authentication attempts exceeded for root from 222.186.175.182 port 61018 ssh2 [preauth] ... |
2020-04-12 20:44:48 |
| 94.191.122.141 | attackspambots | Apr 12 12:09:24 *** sshd[27806]: Invalid user ZXDSL from 94.191.122.141 |
2020-04-12 20:50:06 |
| 108.203.202.75 | attack | Apr 12 14:22:33 OPSO sshd\[24229\]: Invalid user kim from 108.203.202.75 port 35104 Apr 12 14:22:33 OPSO sshd\[24229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.203.202.75 Apr 12 14:22:35 OPSO sshd\[24229\]: Failed password for invalid user kim from 108.203.202.75 port 35104 ssh2 Apr 12 14:26:56 OPSO sshd\[25163\]: Invalid user melanson from 108.203.202.75 port 49290 Apr 12 14:26:56 OPSO sshd\[25163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.203.202.75 |
2020-04-12 20:40:17 |
| 192.144.159.186 | attackspambots | Apr 12 12:05:40 powerpi2 sshd[28261]: Failed password for root from 192.144.159.186 port 57108 ssh2 Apr 12 12:09:24 powerpi2 sshd[28507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.159.186 user=root Apr 12 12:09:26 powerpi2 sshd[28507]: Failed password for root from 192.144.159.186 port 42978 ssh2 ... |
2020-04-12 20:52:20 |
| 171.221.236.120 | attack | Honeypot attack, port: 5555, PTR: PTR record not found |
2020-04-12 20:19:45 |