200.94.105.39 - IPInfo

Basic Info

City: Guadalajara

Region: Jalisco

Country: Mexico

Internet Service Provider: Alestra S. de R.L. de C.V.

Hostname: unknown

Organization: Alestra, S. de R.L. de C.V.

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Jul 24) SRC=200.94.105.39 LEN=40 TTL=231 ID=51832 TCP DPT=445 WINDOW=1024 SYN	2019-07-25 08:29:22
attackspambots	19/7/8@23:16:52: FAIL: Alarm-Intrusion address from=200.94.105.39 ...	2019-07-09 18:57:24

Comments on same subnet:

IP	Type	Details	Datetime
200.94.105.34	attackbotsspam	Unauthorised access (Aug 2) SRC=200.94.105.34 LEN=40 TTL=233 ID=34660 TCP DPT=445 WINDOW=1024 SYN	2020-08-02 16:16:18
200.94.105.34	attack	Honeypot attack, port: 445, PTR: static-200-94-105-34.alestra.net.mx.	2020-02-20 20:25:16
200.94.105.34	attackspambots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(12301200)	2019-12-30 22:03:00
200.94.105.34	attack	Unauthorised access (Nov 10) SRC=200.94.105.34 LEN=40 TTL=235 ID=40643 TCP DPT=1433 WINDOW=1024 SYN	2019-11-11 03:10:17
200.94.105.34	attackspambots	SMB Server BruteForce Attack	2019-10-25 16:56:06
200.94.105.34	attackbots	firewall-block, port(s): 445/tcp	2019-10-02 08:31:42
200.94.105.34	attackspam	Unauthorised access (Sep 8) SRC=200.94.105.34 LEN=40 TTL=235 ID=25842 TCP DPT=445 WINDOW=1024 SYN	2019-09-09 02:03:20
200.94.105.34	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:14:15
200.94.105.34	attackspambots	firewall-block, port(s): 445/tcp	2019-08-31 17:17:42

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.94.105.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49057
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.94.105.39.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 08 19:49:16 +08 2019
;; MSG SIZE  rcvd: 117

Host info

39.105.94.200.in-addr.arpa domain name pointer static-200-94-105-39.alestra.net.mx.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
39.105.94.200.in-addr.arpa	name = static-200-94-105-39.alestra.net.mx.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.30	attackbots	scans 14 times in preceeding hours on the ports (in chronological order) 26488 26487 26486 26499 26498 26500 26589 26590 26591 26680 26682 26693 26692 26694 resulting in total of 81 scans from 185.176.27.0/24 block.	2020-06-21 20:22:06
202.200.142.251	attackbotsspam	Jun 20 22:48:26 s158375 sshd[9823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.200.142.251	2020-06-21 20:02:39
64.225.102.53	attackspambots	scans once in preceeding hours on the ports (in chronological order) 5422 resulting in total of 5 scans from 64.225.0.0/17 block.	2020-06-21 20:37:41
185.176.27.174	attackspam	06/21/2020-06:56:53.010697 185.176.27.174 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-21 20:02:57
139.186.71.62	attack	Jun 21 14:16:27 jane sshd[18732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.71.62 Jun 21 14:16:29 jane sshd[18732]: Failed password for invalid user log from 139.186.71.62 port 47764 ssh2 ...	2020-06-21 20:45:59
111.229.120.31	attack	2020-06-21T11:42:04.542421ns386461 sshd\[10222\]: Invalid user kishore from 111.229.120.31 port 41008 2020-06-21T11:42:04.546973ns386461 sshd\[10222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.120.31 2020-06-21T11:42:05.994165ns386461 sshd\[10222\]: Failed password for invalid user kishore from 111.229.120.31 port 41008 ssh2 2020-06-21T11:46:04.579113ns386461 sshd\[13709\]: Invalid user hyg from 111.229.120.31 port 42716 2020-06-21T11:46:04.583541ns386461 sshd\[13709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.120.31 ...	2020-06-21 20:06:57
73.41.104.30	attackbots	Jun 21 11:03:58 XXX sshd[26018]: Invalid user jasalu from 73.41.104.30 port 48505	2020-06-21 20:05:30
198.199.115.94	attackbots	scans once in preceeding hours on the ports (in chronological order) 17462 resulting in total of 1 scans from 198.199.64.0/18 block.	2020-06-21 20:30:00
121.58.233.35	attackbotsspam	Jun 19 11:47:53 WHD8 dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=121.58.233.35, lip=10.64.89.208, session=\<74RTyWyodo95Oukj\> Jun 19 11:48:00 WHD8 dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=121.58.233.35, lip=10.64.89.208, session=\ Jun 19 11:48:11 WHD8 dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 10 secs\): user=\, method=PLAIN, rip=121.58.233.35, lip=10.64.89.208, session=\ Jun 20 04:39:34 WHD8 dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=121.58.233.35, lip=10.64.89.208, session=\ Jun 20 04:39:41 WHD8 dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=121.58.233.35, lip=10.64.89.208, session=\ Jun 20 04:39:52 WHD8 dove ...	2020-06-21 20:22:28
3.230.143.72	attackbots	Jun 21 13:13:18 xeon sshd[29903]: Failed password for invalid user ubuntu from 3.230.143.72 port 55124 ssh2	2020-06-21 20:13:52
82.209.201.112	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-21 20:28:42
45.119.41.62	attackspambots	magento	2020-06-21 20:19:54
218.4.163.146	attack	Jun 21 14:16:30 cp sshd[28089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.163.146	2020-06-21 20:29:43
206.189.28.69	attack	scans once in preceeding hours on the ports (in chronological order) 3302 resulting in total of 3 scans from 206.189.0.0/16 block.	2020-06-21 20:34:15
168.138.221.133	attack	2020-06-21T14:16:19.916102struts4.enskede.local sshd\[15647\]: Invalid user lab from 168.138.221.133 port 59086 2020-06-21T14:16:19.922690struts4.enskede.local sshd\[15647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.221.133 2020-06-21T14:16:22.919514struts4.enskede.local sshd\[15647\]: Failed password for invalid user lab from 168.138.221.133 port 59086 ssh2 2020-06-21T14:19:50.471026struts4.enskede.local sshd\[15658\]: Invalid user renato from 168.138.221.133 port 58488 2020-06-21T14:19:50.479295struts4.enskede.local sshd\[15658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.221.133 ...	2020-06-21 20:21:36

Recently Reported IPs

119.200.89.74	172.83.95.216	121.125.188.66	78.56.129.237
27.49.160.7	185.15.106.8	180.211.179.78	32.35.243.225
83.222.106.216	120.96.121.213	39.113.217.118	44.163.73.55
82.212.85.106	70.11.140.77	103.234.96.191	180.69.118.123
128.7.165.123	200.68.36.42	37.212.234.84	63.72.166.174