200.94.105.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Alestra S. de R.L. de C.V.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorised access (Aug 2) SRC=200.94.105.34 LEN=40 TTL=233 ID=34660 TCP DPT=445 WINDOW=1024 SYN	2020-08-02 16:16:18
attack	Honeypot attack, port: 445, PTR: static-200-94-105-34.alestra.net.mx.	2020-02-20 20:25:16
attackspambots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(12301200)	2019-12-30 22:03:00
attack	Unauthorised access (Nov 10) SRC=200.94.105.34 LEN=40 TTL=235 ID=40643 TCP DPT=1433 WINDOW=1024 SYN	2019-11-11 03:10:17
attackspambots	SMB Server BruteForce Attack	2019-10-25 16:56:06
attackbots	firewall-block, port(s): 445/tcp	2019-10-02 08:31:42
attackspam	Unauthorised access (Sep 8) SRC=200.94.105.34 LEN=40 TTL=235 ID=25842 TCP DPT=445 WINDOW=1024 SYN	2019-09-09 02:03:20
attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:14:15
attackspambots	firewall-block, port(s): 445/tcp	2019-08-31 17:17:42

Comments on same subnet:

IP	Type	Details	Datetime
200.94.105.39	attack	Unauthorised access (Jul 24) SRC=200.94.105.39 LEN=40 TTL=231 ID=51832 TCP DPT=445 WINDOW=1024 SYN	2019-07-25 08:29:22
200.94.105.39	attackspambots	19/7/8@23:16:52: FAIL: Alarm-Intrusion address from=200.94.105.39 ...	2019-07-09 18:57:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.94.105.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25993
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.94.105.34.			IN	A

;; AUTHORITY SECTION:
.			2503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083100 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 17:17:35 CST 2019
;; MSG SIZE  rcvd: 117

Host info

34.105.94.200.in-addr.arpa domain name pointer static-200-94-105-34.alestra.net.mx.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
34.105.94.200.in-addr.arpa	name = static-200-94-105-34.alestra.net.mx.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.27.235.76	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 07:04:39
124.127.132.22	attack	2020-03-22T22:31:40.297654abusebot-4.cloudsearch.cf sshd[27347]: Invalid user jhon from 124.127.132.22 port 39334 2020-03-22T22:31:40.304076abusebot-4.cloudsearch.cf sshd[27347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.132.22 2020-03-22T22:31:40.297654abusebot-4.cloudsearch.cf sshd[27347]: Invalid user jhon from 124.127.132.22 port 39334 2020-03-22T22:31:42.663794abusebot-4.cloudsearch.cf sshd[27347]: Failed password for invalid user jhon from 124.127.132.22 port 39334 ssh2 2020-03-22T22:35:10.630880abusebot-4.cloudsearch.cf sshd[27570]: Invalid user ezio from 124.127.132.22 port 14638 2020-03-22T22:35:10.637466abusebot-4.cloudsearch.cf sshd[27570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.132.22 2020-03-22T22:35:10.630880abusebot-4.cloudsearch.cf sshd[27570]: Invalid user ezio from 124.127.132.22 port 14638 2020-03-22T22:35:12.826517abusebot-4.cloudsearch.cf sshd[27570]: Fail ...	2020-03-23 06:38:31
173.10.164.161	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 06:38:04
118.67.185.0	attackspam	ICMP MH Probe, Scan /Distributed -	2020-03-23 06:38:54
122.224.215.102	attackbots	Mar 22 23:31:23 host01 sshd[1387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.215.102 Mar 22 23:31:25 host01 sshd[1387]: Failed password for invalid user hadoop from 122.224.215.102 port 43442 ssh2 Mar 22 23:35:08 host01 sshd[2116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.215.102 ...	2020-03-23 06:36:19
134.73.51.229	attackspambots	Mar 22 23:00:23 mail.srvfarm.net postfix/smtpd[905544]: NOQUEUE: reject: RCPT from unknown[134.73.51.229]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 22 23:01:26 mail.srvfarm.net postfix/smtpd[903244]: NOQUEUE: reject: RCPT from unknown[134.73.51.229]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 22 23:02:06 mail.srvfarm.net postfix/smtpd[910222]: NOQUEUE: reject: RCPT from unknown[134.73.51.229]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 22 23:02:07 mail.srvfarm.net postfix/smtpd[909880]: NOQUEUE: reject: RCPT from unknown[134.73.51.229]: 450 4.1.8 <	2020-03-23 07:05:24
173.11.209.26	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 07:02:37
199.87.154.255	attack	B: zzZZzz blocked content access	2020-03-23 07:02:54
71.85.106.211	attackspam	Mar 17 07:32:42 71.85.106.211 PROTO=TCP SPT=26349 DPT=23 Mar 17 08:48:58 71.85.106.211 PROTO=TCP SPT=55963 DPT=23 Mar 17 09:51:22 71.85.106.211 PROTO=TCP SPT=40120 DPT=23 Mar 17 10:39:52 71.85.106.211 PROTO=TCP SPT=12179 DPT=23 Mar 17 11:54:55 71.85.106.211 PROTO=TCP SPT=8303 DPT=23	2020-03-23 06:52:22
104.198.100.105	attack	Mar 22 23:00:33 roki sshd[19562]: Invalid user virginio from 104.198.100.105 Mar 22 23:00:33 roki sshd[19562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.100.105 Mar 22 23:00:34 roki sshd[19562]: Failed password for invalid user virginio from 104.198.100.105 port 34576 ssh2 Mar 22 23:19:34 roki sshd[20962]: Invalid user anina from 104.198.100.105 Mar 22 23:19:34 roki sshd[20962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.100.105 ...	2020-03-23 07:10:56
192.241.169.184	attackbots	Mar 22 22:31:13 localhost sshd[60227]: Invalid user profesor from 192.241.169.184 port 39378 Mar 22 22:31:13 localhost sshd[60227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.169.184 Mar 22 22:31:13 localhost sshd[60227]: Invalid user profesor from 192.241.169.184 port 39378 Mar 22 22:31:14 localhost sshd[60227]: Failed password for invalid user profesor from 192.241.169.184 port 39378 ssh2 Mar 22 22:36:30 localhost sshd[60797]: Invalid user ts3server from 192.241.169.184 port 57726 ...	2020-03-23 06:41:25
193.251.91.89	attack	Invalid user dolphin from 193.251.91.89 port 41368	2020-03-23 06:51:42
36.67.120.42	attackbots	Unauthorised access (Mar 23) SRC=36.67.120.42 LEN=52 TTL=119 ID=22141 TCP DPT=445 WINDOW=8192 SYN	2020-03-23 06:59:41
178.128.168.87	attackspam	Mar 22 18:34:13 NPSTNNYC01T sshd[28741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.168.87 Mar 22 18:34:14 NPSTNNYC01T sshd[28741]: Failed password for invalid user hm from 178.128.168.87 port 37114 ssh2 Mar 22 18:38:16 NPSTNNYC01T sshd[28972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.168.87 ...	2020-03-23 06:47:10
5.135.165.138	attackspambots	Invalid user qscand from 5.135.165.138 port 53728	2020-03-23 07:11:27

Recently Reported IPs

178.126.113.37	228.179.92.51	182.10.192.92	4.17.157.227
181.234.99.62	194.83.223.170	0.93.127.84	85.46.137.243
157.9.189.245	94.49.233.125	63.41.59.158	184.198.43.231
22.157.30.30	235.244.57.24	19.241.237.150	185.88.135.128
145.182.17.46	62.220.216.250	138.68.212.211	194.99.184.116