189.213.138.52

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
189.213.138.7	attack	Automatic report - Port Scan Attack	2020-04-22 06:39:58
189.213.138.224	attack	Port Scan detected from 189.213.138.224 (MX/Mexico/-). 4 hits in the last 60 seconds	2019-11-21 18:43:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.213.138.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46752
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.213.138.52.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 16:07:52 CST 2022
;; MSG SIZE  rcvd: 107

Host info

52.138.213.189.in-addr.arpa domain name pointer 189-213-138-52.static.axtel.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.138.213.189.in-addr.arpa	name = 189-213-138-52.static.axtel.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.82.77.240	attackbots	probes 10 times on the port 18080 5000 5004 5800 5900 8443 8880 9000 9050 9200 resulting in total of 125 scans from 80.82.64.0/20 block.	2020-07-30 01:21:43
159.65.30.66	attackspam	Port Scan detected from 159.65.30.66 (GB/United Kingdom/England/London/-). 4 hits in the last 280 seconds	2020-07-30 01:26:44
106.12.33.28	attackbots	Jul 29 19:17:21 marvibiene sshd[27992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.28 Jul 29 19:17:23 marvibiene sshd[27992]: Failed password for invalid user hammad from 106.12.33.28 port 54174 ssh2	2020-07-30 01:36:17
103.90.228.121	attackbotsspam	Jul 29 13:48:33 l03 sshd[6936]: Invalid user dzhou from 103.90.228.121 port 60602 ...	2020-07-30 01:16:45
114.232.110.100	attack	Jul 29 19:02:46 andromeda postfix/smtpd\[23803\]: warning: unknown\[114.232.110.100\]: SASL LOGIN authentication failed: authentication failure Jul 29 19:02:47 andromeda postfix/smtpd\[57036\]: warning: unknown\[114.232.110.100\]: SASL LOGIN authentication failed: authentication failure Jul 29 19:02:50 andromeda postfix/smtpd\[23803\]: warning: unknown\[114.232.110.100\]: SASL LOGIN authentication failed: authentication failure Jul 29 19:02:53 andromeda postfix/smtpd\[23803\]: warning: unknown\[114.232.110.100\]: SASL LOGIN authentication failed: authentication failure Jul 29 19:02:54 andromeda postfix/smtpd\[23803\]: warning: unknown\[114.232.110.100\]: SASL LOGIN authentication failed: authentication failure	2020-07-30 01:12:29
118.100.116.155	attack	2020-07-29T12:26:56.408055devel sshd[31328]: Invalid user songnahong from 118.100.116.155 port 54974 2020-07-29T12:26:58.577328devel sshd[31328]: Failed password for invalid user songnahong from 118.100.116.155 port 54974 ssh2 2020-07-29T12:39:20.115447devel sshd[589]: Invalid user xiapeng from 118.100.116.155 port 35350	2020-07-30 00:53:12
182.61.1.88	attackbotsspam	Automatic report - Banned IP Access	2020-07-30 01:10:43
51.68.229.177	attack	51.68.229.177 - - [29/Jul/2020:16:55:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2109 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.68.229.177 - - [29/Jul/2020:16:55:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.68.229.177 - - [29/Jul/2020:16:55:06 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-30 01:11:30
46.229.168.140	attackspambots	Automatic report - Banned IP Access	2020-07-30 00:54:09
221.141.253.171	attackbots	Jul 29 16:18:09 h2427292 sshd\[4328\]: Invalid user vusers from 221.141.253.171 Jul 29 16:18:09 h2427292 sshd\[4328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.141.253.171 Jul 29 16:18:11 h2427292 sshd\[4328\]: Failed password for invalid user vusers from 221.141.253.171 port 60784 ssh2 ...	2020-07-30 01:34:12
47.176.104.74	attackbots	2020-07-29T18:34:46.733850amanda2.illicoweb.com sshd\[18676\]: Invalid user sunyifan_stu from 47.176.104.74 port 21536 2020-07-29T18:34:46.739014amanda2.illicoweb.com sshd\[18676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.176.104.74 2020-07-29T18:34:48.754399amanda2.illicoweb.com sshd\[18676\]: Failed password for invalid user sunyifan_stu from 47.176.104.74 port 21536 ssh2 2020-07-29T18:40:06.182035amanda2.illicoweb.com sshd\[19173\]: Invalid user liangzheming from 47.176.104.74 port 39437 2020-07-29T18:40:06.188117amanda2.illicoweb.com sshd\[19173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.176.104.74 ...	2020-07-30 01:11:55
185.132.53.138	attackbots	185.132.53.138 - - [29/Jul/2020:20:50:44 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-07-30 00:55:42
51.15.229.198	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-07-30 01:37:19
193.252.189.37	attackspam	Jul 29 14:08:56 vm1 sshd[13965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.252.189.37 ...	2020-07-30 01:33:29
114.34.107.162	attack	Port probing on unauthorized port 85	2020-07-30 00:59:27

Recently Reported IPs

189.213.14.48	189.213.104.5	189.213.140.1	189.213.142.176
189.213.142.59	189.213.143.68	189.213.140.151	189.213.143.171
189.213.145.119	189.213.146.164	189.213.145.155	189.213.145.244
189.213.146.222	189.213.147.126	189.213.15.105	189.213.147.67
189.213.148.236	189.213.153.63	189.213.153.71	189.213.153.136