城市(city): Caracas
省份(region): Federal Capital
国家(country): Venezuela
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 167.250.48.115 | attack | Unauthorized connection attempt detected from IP address 167.250.48.115 to port 2220 [J] |
2020-01-08 08:46:10 |
| 167.250.48.1 | attack | Detected By Fail2ban |
2019-11-12 04:21:33 |
| 167.250.48.1 | attack | WEB Masscan Scanner Activity |
2019-11-10 22:30:02 |
| 167.250.48.1 | attackspam | Masscan |
2019-11-06 00:11:04 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 167.250.0.0 - 167.250.255.255
CIDR: 167.250.0.0/16
NetName: LACNIC-ERX-167-250-0-0
NetHandle: NET-167-250-0-0-1
Parent: NET167 (NET-167-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/167.250.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2026-03-20 15:30:19 (-03 -03:00)
inetnum: 167.250.48.0/22
status: allocated
aut-num: N/A
owner: CORPORACIÃN GALA IT, C.A.
ownerid: VE-ICCA10-LACNIC
responsible: Jose G Marin
address: Calle Panama con Av.Libertador Edificio Lidomar Plaza 8, 8, Edificio Lidomar Plaza 8
address: 1010 - Caracas -
country: VE
phone: +58 2127093800 [823]
owner-c: ICC10
tech-c: ICC10
abuse-c: ICC10
inetrev: 167.250.48.0/24
nserver: NS1.GALAWEBHOST.NET
nsstat: 20260320 AA
nslastaa: 20260320
nserver: NS2.GALAWEBHOST.NET
nsstat: 20260320 AA
nslastaa: 20260320
inetrev: 167.250.49.0/24
nserver: NS1.GALAWEBHOST.NET
nsstat: 20260320 AA
nslastaa: 20260320
nserver: NS2.GALAWEBHOST.NET
nsstat: 20260320 AA
nslastaa: 20260320
inetrev: 167.250.51.0/24
nserver: NS1.GALAWEBHOST.NET
nsstat: 20260317 AA
nslastaa: 20260317
nserver: NS2.GALAWEBHOST.NET
nsstat: 20260317 AA
nslastaa: 20260317
inetrev: 167.250.50.0/24
nserver: NS1.GALAWEBHOST.NET
nsstat: 20260318 AA
nslastaa: 20260318
nserver: NS2.GALAWEBHOST.NET
nsstat: 20260318 AA
nslastaa: 20260318
created: 20151216
changed: 20151216
nic-hdl: ICC10
person: Corporación GALA IT
e-mail: aguilarrn@galait.net
address: Calle Panama con Av.Libertador Edificio Lidomar Plaza, 8, A
address: 1010 - Caracas - DF
country: VE
phone: +58 2127937413 [801]
created: 20150224
changed: 20260105
% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.250.48.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10331
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;167.250.48.114. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032001 1800 900 604800 86400
;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 21 02:30:19 CST 2026
;; MSG SIZE rcvd: 107Host 114.48.250.167.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 114.48.250.167.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 5.189.143.93 | attackspambots | " " |
2019-07-02 20:40:21 |
| 113.186.232.184 | attackspam | [ER hit] Tried to deliver spam. Already well known. |
2019-07-02 20:53:36 |
| 159.192.144.203 | attackbots | Feb 27 06:25:46 motanud sshd\[23699\]: Invalid user tx from 159.192.144.203 port 43184 Feb 27 06:25:46 motanud sshd\[23699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.144.203 Feb 27 06:25:48 motanud sshd\[23699\]: Failed password for invalid user tx from 159.192.144.203 port 43184 ssh2 |
2019-07-02 20:24:13 |
| 92.222.181.159 | attackspam | 2019-07-02T09:07:51.547793lon01.zurich-datacenter.net sshd\[6873\]: Invalid user mz from 92.222.181.159 port 35407 2019-07-02T09:07:51.553469lon01.zurich-datacenter.net sshd\[6873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.ip-92-222-181.eu 2019-07-02T09:07:52.998813lon01.zurich-datacenter.net sshd\[6873\]: Failed password for invalid user mz from 92.222.181.159 port 35407 ssh2 2019-07-02T09:11:16.690075lon01.zurich-datacenter.net sshd\[6952\]: Invalid user owen from 92.222.181.159 port 55393 2019-07-02T09:11:16.696349lon01.zurich-datacenter.net sshd\[6952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.ip-92-222-181.eu ... |
2019-07-02 20:24:43 |
| 71.126.167.89 | attack | Jul 2 08:57:15 s64-1 sshd[16718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.126.167.89 Jul 2 08:57:17 s64-1 sshd[16718]: Failed password for invalid user testuser from 71.126.167.89 port 35908 ssh2 Jul 2 08:59:32 s64-1 sshd[16738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.126.167.89 ... |
2019-07-02 21:05:02 |
| 118.163.149.163 | attackbots | Fail2Ban Ban Triggered |
2019-07-02 20:26:18 |
| 179.243.39.97 | attack | Jul 1 20:52:44 xb3 sshd[14919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-243-39-97.3g.claro.net.br Jul 1 20:52:47 xb3 sshd[14919]: Failed password for invalid user admin from 179.243.39.97 port 45074 ssh2 Jul 1 20:52:47 xb3 sshd[14919]: Received disconnect from 179.243.39.97: 11: Bye Bye [preauth] Jul 1 20:54:46 xb3 sshd[19587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-243-39-97.3g.claro.net.br Jul 1 20:54:48 xb3 sshd[19587]: Failed password for invalid user Username from 179.243.39.97 port 34070 ssh2 Jul 1 20:54:48 xb3 sshd[19587]: Received disconnect from 179.243.39.97: 11: Bye Bye [preauth] Jul 1 20:56:43 xb3 sshd[11957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-243-39-97.3g.claro.net.br Jul 1 20:56:44 xb3 sshd[11957]: Failed password for invalid user userftp from 179.243.39.97 port 51306 ssh2 Jul 1 20:56:45........ ------------------------------- |
2019-07-02 20:22:41 |
| 104.216.171.15 | attack | Jul 2 07:12:48 vpn01 sshd\[1252\]: Invalid user dts from 104.216.171.15 Jul 2 07:12:48 vpn01 sshd\[1252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.216.171.15 Jul 2 07:12:50 vpn01 sshd\[1252\]: Failed password for invalid user dts from 104.216.171.15 port 49302 ssh2 |
2019-07-02 20:18:32 |
| 118.163.178.146 | attack | Jul 2 04:32:20 XXX sshd[21551]: Invalid user jake from 118.163.178.146 port 39813 |
2019-07-02 20:25:07 |
| 1.168.149.1 | attack | 37215/tcp [2019-07-02]1pkt |
2019-07-02 20:28:25 |
| 168.243.232.149 | attack | 2019-07-02T18:10:09.078880enmeeting.mahidol.ac.th sshd\[12534\]: User root from ip168-243-232-149.intercom.com.sv not allowed because not listed in AllowUsers 2019-07-02T18:10:09.203641enmeeting.mahidol.ac.th sshd\[12534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip168-243-232-149.intercom.com.sv user=root 2019-07-02T18:10:11.428229enmeeting.mahidol.ac.th sshd\[12534\]: Failed password for invalid user root from 168.243.232.149 port 50731 ssh2 ... |
2019-07-02 20:28:55 |
| 119.93.11.252 | attackspambots | 23/tcp [2019-07-02]1pkt |
2019-07-02 20:33:59 |
| 111.59.192.7 | attackbotsspam | TCP port 3389 (RDP) attempt blocked by firewall. [2019-07-02 05:42:26] |
2019-07-02 20:54:38 |
| 51.255.109.166 | attackbots | [portscan] udp/137 [netbios NS] *(RWIN=-)(07021037) |
2019-07-02 20:41:30 |
| 1.247.163.245 | attackbotsspam | 23/tcp [2019-07-02]1pkt |
2019-07-02 20:18:11 |