200.52.140.130

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Topnet SA de CV

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	proto=tcp . spt=48188 . dpt=25 . (listed on Blocklist de Jul 05) (529)	2019-07-07 06:26:40

Comments on same subnet:

IP	Type	Details	Datetime
200.52.140.145	attackspambots	WordPress XMLRPC scan :: 200.52.140.145 0.512 BYPASS [29/Jun/2020:03:55:35 0000] [censored_2] "POST //xmlrpc.php HTTP/1.1" 200 217 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"	2020-06-29 14:50:30

Type

Details

Datetime

200.52.140.145

attackspambots

WordPress XMLRPC scan :: 200.52.140.145 0.512 BYPASS [29/Jun/2020:03:55:35  0000] [censored_2] "POST //xmlrpc.php HTTP/1.1" 200 217 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"

2020-06-29 14:50:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.52.140.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7854
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.52.140.130.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 06:26:33 CST 2019
;; MSG SIZE  rcvd: 118

Host info

130.140.52.200.in-addr.arpa domain name pointer redip130.inext.net.mx.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
130.140.52.200.in-addr.arpa	name = redip130.inext.net.mx.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.108.181.165	attack	2019-08-27T13:14:28.030777abusebot-6.cloudsearch.cf sshd\[27289\]: Invalid user ui from 114.108.181.165 port 39169	2019-08-27 21:20:37
139.155.70.251	attackbotsspam	Aug 27 00:17:56 eddieflores sshd\[1152\]: Invalid user shift from 139.155.70.251 Aug 27 00:17:56 eddieflores sshd\[1152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.70.251 Aug 27 00:17:58 eddieflores sshd\[1152\]: Failed password for invalid user shift from 139.155.70.251 port 40370 ssh2 Aug 27 00:20:55 eddieflores sshd\[1407\]: Invalid user porno from 139.155.70.251 Aug 27 00:20:55 eddieflores sshd\[1407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.70.251	2019-08-27 20:24:35
178.128.86.127	attackspam	Aug 27 02:03:13 aiointranet sshd\[11489\]: Invalid user cpotter from 178.128.86.127 Aug 27 02:03:13 aiointranet sshd\[11489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.86.127 Aug 27 02:03:14 aiointranet sshd\[11489\]: Failed password for invalid user cpotter from 178.128.86.127 port 56388 ssh2 Aug 27 02:08:04 aiointranet sshd\[11913\]: Invalid user le from 178.128.86.127 Aug 27 02:08:04 aiointranet sshd\[11913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.86.127	2019-08-27 20:26:35
187.163.126.189	attackbotsspam	Automatic report - Port Scan Attack	2019-08-27 20:26:09
106.12.108.23	attackbots	Aug 27 02:16:55 hiderm sshd\[10050\]: Invalid user heim from 106.12.108.23 Aug 27 02:16:55 hiderm sshd\[10050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.108.23 Aug 27 02:16:58 hiderm sshd\[10050\]: Failed password for invalid user heim from 106.12.108.23 port 45764 ssh2 Aug 27 02:22:12 hiderm sshd\[10486\]: Invalid user mhal from 106.12.108.23 Aug 27 02:22:12 hiderm sshd\[10486\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.108.23	2019-08-27 20:34:05
81.22.45.239	attack	08/27/2019-07:35:11.455592 81.22.45.239 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-08-27 21:17:21
23.129.64.212	attackbots	Aug 27 14:43:47 vps647732 sshd[22993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.212 Aug 27 14:43:49 vps647732 sshd[22993]: Failed password for invalid user user from 23.129.64.212 port 18907 ssh2 ...	2019-08-27 20:45:01
51.38.150.104	attackspam	Aug 27 14:08:08 srv206 sshd[4712]: Invalid user user from 51.38.150.104 ...	2019-08-27 20:34:57
111.172.81.48	attack	Caught in portsentry honeypot	2019-08-27 20:58:38
27.5.71.151	attackbots	Automatic report - Port Scan Attack	2019-08-27 20:34:31
185.222.58.170	attackspambots	joshuajohannes.de 185.222.58.170 \[27/Aug/2019:11:21:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5603 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" joshuajohannes.de 185.222.58.170 \[27/Aug/2019:11:21:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5610 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-27 20:40:32
191.7.8.180	attack	Aug 27 12:12:50 [host] sshd[22419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.7.8.180 user=root Aug 27 12:12:52 [host] sshd[22419]: Failed password for root from 191.7.8.180 port 57335 ssh2 Aug 27 12:17:58 [host] sshd[22543]: Invalid user betrieb from 191.7.8.180 Aug 27 12:17:58 [host] sshd[22543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.7.8.180	2019-08-27 20:32:57
175.211.112.66	attack	Aug 27 11:06:54 tuxlinux sshd[51477]: Invalid user dolores from 175.211.112.66 port 34622 Aug 27 11:06:54 tuxlinux sshd[51477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.66 Aug 27 11:06:54 tuxlinux sshd[51477]: Invalid user dolores from 175.211.112.66 port 34622 Aug 27 11:06:54 tuxlinux sshd[51477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.66 Aug 27 11:06:54 tuxlinux sshd[51477]: Invalid user dolores from 175.211.112.66 port 34622 Aug 27 11:06:54 tuxlinux sshd[51477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.66 Aug 27 11:06:56 tuxlinux sshd[51477]: Failed password for invalid user dolores from 175.211.112.66 port 34622 ssh2 ...	2019-08-27 20:42:18
80.211.0.78	attack	Aug 27 14:14:13 lnxweb62 sshd[12136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.0.78	2019-08-27 20:30:28
87.123.141.44	attack	Login attempt AUTH NTLM, SMTP, Port 25	2019-08-27 20:39:13

Recently Reported IPs

197.59.71.137	114.108.177.104	49.156.44.4	42.84.205.193
220.143.30.145	78.139.91.76	209.97.185.206	214.101.236.93
58.72.155.170	82.117.244.85	106.12.156.233	124.207.187.139
45.114.68.168	67.205.187.73	1.22.181.26	80.216.38.173
177.91.119.50	88.138.112.63	45.147.177.113	49.148.41.207