City: Guadalajara
Region: Jalisco
Country: Mexico
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 207.248.0.0 - 207.249.255.255
CIDR: 207.248.0.0/15
NetName: LACNIC-207-248-0-0
NetHandle: NET-207-248-0-0-1
Parent: NET207 (NET-207-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2003-05-13
Updated: 2007-12-17
Comment: This IP address range is under LACNIC responsibility for further
Comment: allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details, or check the
Comment: WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/207.248.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2026-04-23 14:35:26 (-03 -03:00)
inetnum: 207.249.224.0/19
status: assigned
aut-num: AS2549
owner: Universidad de Guadalajara
ownerid: MX-UNGU4-LACNIC
responsible: No hay informacion
address: Av. Juárez, 976, Zona Centro
address: 44100 - Guadalajara - ja
country: MX
phone: +52 3331342222 [12204]
owner-c: UNG
tech-c: UNG
abuse-c: UNG
inetrev: 207.249.224.0/19
nserver: LEON.DCA.UDG.MX
nsstat: 20260421 AA
nslastaa: 20260421
nserver: LEON2.NS.UDG.MX
nsstat: 20260421 AA
nslastaa: 20260421
created: 20090122
changed: 20120901
nic-hdl: UNG
person: Universidad de Guadalajara
e-mail: abuse@noc.udg.mx
address: Av. Juarez,, 976, Zona Centro
address: 44100 - Guadalajara - Ja
country: MX
phone: +52 3331342222 [12242]
created: 20040825
changed: 20130731
% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.249.232.84
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22328
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;207.249.232.84. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026042300 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 24 01:35:26 CST 2026
;; MSG SIZE rcvd: 107b'84.232.249.207.in-addr.arpa domain name pointer 84-232-249-207.net.udg.mx.
'b'84.232.249.207.in-addr.arpa name = 84-232-249-207.net.udg.mx.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 211.240.105.132 | attackbots | Jul 12 20:48:37 vps647732 sshd[26675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.240.105.132 Jul 12 20:48:39 vps647732 sshd[26675]: Failed password for invalid user admin from 211.240.105.132 port 54785 ssh2 ... |
2019-07-13 03:02:53 |
| 157.52.149.214 | attackbotsspam | Sent mail to former whois address of a deleted domain. |
2019-07-13 03:07:31 |
| 133.242.228.107 | attack | Jul 12 20:56:46 legacy sshd[21079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.242.228.107 Jul 12 20:56:48 legacy sshd[21079]: Failed password for invalid user na from 133.242.228.107 port 51479 ssh2 Jul 12 21:02:40 legacy sshd[21248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.242.228.107 ... |
2019-07-13 03:08:19 |
| 173.82.232.222 | attackspambots | Chinese spam |
2019-07-13 03:00:56 |
| 140.143.239.156 | attackspambots | detected by Fail2Ban |
2019-07-13 02:46:43 |
| 68.183.190.251 | attackbotsspam | 2019-07-12T13:39:40.446500abusebot-8.cloudsearch.cf sshd\[27222\]: Invalid user test1 from 68.183.190.251 port 47042 |
2019-07-13 03:14:54 |
| 77.242.26.218 | attackspambots | 2019-07-12T11:34:16.205746MailD postfix/smtpd[31081]: warning: unknown[77.242.26.218]: SASL PLAIN authentication failed: authentication failure 2019-07-12T11:34:16.397150MailD postfix/smtpd[31081]: warning: unknown[77.242.26.218]: SASL LOGIN authentication failed: authentication failure 2019-07-12T11:34:16.790496MailD postfix/smtpd[31081]: warning: unknown[77.242.26.218]: SASL PLAIN authentication failed: authentication failure 2019-07-12T11:34:16.979091MailD postfix/smtpd[31081]: warning: unknown[77.242.26.218]: SASL LOGIN authentication failed: authentication failure |
2019-07-13 02:55:50 |
| 189.51.104.186 | attackbots | $f2bV_matches |
2019-07-13 02:35:08 |
| 212.83.146.233 | attack | [connect count:2 time(s)][SMTP/25/465/587 Probe]
[SMTPD] RECEIVED: EHLO onyphe.io
[SMTPD] SENT: 554 5.7.1 Rejected: IP FROM DNS for {onyphe.io} diff.
*(07121545) |
2019-07-13 02:43:06 |
| 61.183.9.191 | attackbots | Jul 12 14:24:14 ks10 sshd[16087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.183.9.191 Jul 12 14:24:17 ks10 sshd[16087]: Failed password for invalid user dmu from 61.183.9.191 port 49126 ssh2 ... |
2019-07-13 02:41:31 |
| 111.231.87.204 | attackspambots | Jul 12 20:19:31 MK-Soft-Root1 sshd\[32281\]: Invalid user r from 111.231.87.204 port 39350 Jul 12 20:19:31 MK-Soft-Root1 sshd\[32281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.87.204 Jul 12 20:19:32 MK-Soft-Root1 sshd\[32281\]: Failed password for invalid user r from 111.231.87.204 port 39350 ssh2 ... |
2019-07-13 02:31:46 |
| 165.227.69.188 | attackbots | Jul 12 20:20:44 legacy sshd[19808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.69.188 Jul 12 20:20:46 legacy sshd[19808]: Failed password for invalid user hacked from 165.227.69.188 port 50160 ssh2 Jul 12 20:27:25 legacy sshd[20004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.69.188 ... |
2019-07-13 02:45:38 |
| 197.56.16.15 | attackbotsspam | Jul 12 12:34:29 srv-4 sshd\[6781\]: Invalid user admin from 197.56.16.15 Jul 12 12:34:29 srv-4 sshd\[6781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.56.16.15 Jul 12 12:34:31 srv-4 sshd\[6781\]: Failed password for invalid user admin from 197.56.16.15 port 35653 ssh2 ... |
2019-07-13 02:52:16 |
| 117.50.46.36 | attackbotsspam | $f2bV_matches |
2019-07-13 03:09:59 |
| 74.82.47.19 | attack | 3389BruteforceFW23 |
2019-07-13 02:49:20 |