JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 200.56.131.207

200.56.131.207 was found in our database!

This IP was reported 216 times. Confidence of Abuse is 100%: ?

100%

ISP	Mega Cable, S.A. de C.V.
Usage Type	Fixed Line ISP
ASN	AS262916
Hostname(s)	customer-CDMX-MCA-131-207.megared.net.mx
Domain Name	mega.mx
Country	🇲🇽 Mexico
City	Mexico City, Mexico City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 200.56.131.207

Whois 200.56.131.207

IP Abuse Reports for 200.56.131.207:

This IP address has been reported a total of 216 times from 88 distinct sources. 200.56.131.207 was first reported on May 15th 2026, and the most recent report was 28 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 evvsk	2026-06-15 11:35:27 (28 minutes ago)	5038/tcp	Port Scan
🇫🇮 6kilowatti	2026-06-15 09:51:45 (2 hours ago)	2026-06-15T12:51:44.868329+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:f ... show more 2026-06-15T12:51:44.868329+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:fd:74:70:71:9e:08:00 SRC=200.56.131.207 DST=10.0.0.30 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=18005 PROTO=TCP SPT=43405 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇮🇪 RoboSOC	2026-06-15 09:32:32 (2 hours ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: customer-CDMX-MCA-131-207.megared.net.m ... show more SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: customer-CDMX-MCA-131-207.megared.net.mx. show less	Port Scan
🇬🇧 gbzret4d	2026-06-15 08:27:49 (3 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 5038 [1] TCP	Port Scan
🇨🇭 pingusurmars	2026-06-15 08:17:11 (3 hours ago)	Blocked by UFW on amperetwo [5038/tcp] Source port: 43405 TTL: 236 Packet length: 40 TOS: 0x00 This ... show more Blocked by UFW on amperetwo [5038/tcp] Source port: 43405 TTL: 236 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 mkaraki	2026-06-15 07:39:56 (4 hours ago)	1781509195 # Service_probe # SIGNATURE_SEND # source_ip:200.56.131.207 # dst_port:5038 ...	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-15 03:11:09 (8 hours ago)	Honeypot hit: Empty payload (likely service probe); 5038 [1] TCP	Port Scan
🇺🇸 MPL	2026-06-15 02:20:17 (9 hours ago)	tcp/5038 (8 or more attempts)	Port Scan
🇹🇭 Sawasdee	2026-06-15 01:39:06 (10 hours ago)	Port Scan ...	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-15 01:29:03 (10 hours ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 5038 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 5038 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 andypiper	2026-06-15 01:01:14 (11 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇧🇾 StatsMe	2026-06-15 00:28:52 (11 hours ago)	2026-06-14T23:05:00.177940+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-15 00:15:26 (11 hours ago)	[DS-BLKS-PROD01] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇫🇷 Soncraft	2026-06-14 22:34:58 (13 hours ago)	Blocked by UFW on Jellyfin [5038/tcp] Source port: 43405 TTL: 228 Packet length: 44 TOS: 0x08 This ... show more Blocked by UFW on Jellyfin [5038/tcp] Source port: 43405 TTL: 228 Packet length: 44 TOS: 0x08 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-14 21:14:50 (14 hours ago)	Blocked by UFW (TCP on 5038) Source port: 43405 TTL: 237 Packet length: 40 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 5038) Source port: 43405 TTL: 237 Packet length: 40 TOS: 0x00 This report (for 200.56.131.207) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 216 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 188.245.175.169

🇩🇪 31.76.27.231

🇭🇰 199.45.154.121

🇬🇧 185.216.145.174

🇺🇸 136.115.183.107

🇺🇸 136.109.117.160

🇧🇬 91.92.40.176

🇫🇷 87.253.237.172

🇷🇺 87.226.190.225

🇨🇦 85.217.149.64

🇧🇬 78.128.114.102

🇺🇸 66.132.172.216

🇻🇳 59.153.224.10

🇮🇳 49.47.130.13

🇸🇬 43.156.229.55

🇨🇳 1.58.122.185

🇲🇽 187.189.47.46

🇵🇱 185.54.102.192

🇬🇧 178.62.31.156

🇦🇷 152.169.82.37