167.249.20.1 - IPInfo

Basic Info

City: San Miguel

Region: San Miguel

Country: El Salvador

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.249.206.35	attack	Jan 11 05:49:22 grey postfix/smtpd\[9288\]: NOQUEUE: reject: RCPT from ip167-249-206-35.mentrix.com.br\[167.249.206.35\]: 554 5.7.1 Service unavailable\; Client host \[167.249.206.35\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[167.249.206.35\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 18:48:12
167.249.206.13	attack	Port Scan	2019-10-23 20:57:17

Type

Details

Datetime

167.249.206.35

attack

Jan 11 05:49:22 grey postfix/smtpd\[9288\]: NOQUEUE: reject: RCPT from ip167-249-206-35.mentrix.com.br\[167.249.206.35\]: 554 5.7.1 Service unavailable\; Client host \[167.249.206.35\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[167.249.206.35\]\; from=\ to=\ proto=ESMTP helo=\
...

2020-01-11 18:48:12

167.249.206.13

attack

Port Scan

2019-10-23 20:57:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.249.20.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31309
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.249.20.1.			IN	A

;; AUTHORITY SECTION:
.			226	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023080900 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 10 01:59:07 CST 2023
;; MSG SIZE  rcvd: 105

Host info

Host 1.20.249.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.20.249.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
141.98.9.137	attackbotsspam	Jun 5 10:05:31 IngegnereFirenze sshd[32442]: Failed password for invalid user operator from 141.98.9.137 port 35224 ssh2 ...	2020-06-05 18:19:32
51.210.15.231	attackspambots	TCP (SYN) 51.210.15.231:53597 -> port 60000, len 44	2020-06-05 17:55:45
107.170.91.121	attackbotsspam	(sshd) Failed SSH login from 107.170.91.121 (US/United States/bootstit.ch): 5 in the last 3600 secs	2020-06-05 18:02:58
190.113.142.197	attackspam	$f2bV_matches	2020-06-05 18:01:28
201.247.123.54	attack	(country_code/El/-) SMTP Bruteforcing attempts	2020-06-05 17:49:39
111.229.190.111	attackbots	SSH Brute-Force Attack	2020-06-05 17:59:04
212.83.158.206	attackbotsspam	[2020-06-05 05:33:18] NOTICE[1288][C-000008da] chan_sip.c: Call from '' (212.83.158.206:62420) to extension '99995011972592277524' rejected because extension not found in context 'public'. [2020-06-05 05:33:18] SECURITY[1303] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-05T05:33:18.718-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="99995011972592277524",SessionID="0x7f4d7403c148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.158.206/62420",ACLName="no_extension_match" [2020-06-05 05:37:33] NOTICE[1288][C-000008db] chan_sip.c: Call from '' (212.83.158.206:56121) to extension '99991011972592277524' rejected because extension not found in context 'public'. ...	2020-06-05 17:53:52
49.88.112.76	attack	2020-06-05T10:18:08.339503shield sshd\[7638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.76 user=root 2020-06-05T10:18:09.755261shield sshd\[7638\]: Failed password for root from 49.88.112.76 port 31270 ssh2 2020-06-05T10:18:12.033186shield sshd\[7638\]: Failed password for root from 49.88.112.76 port 31270 ssh2 2020-06-05T10:18:13.919198shield sshd\[7638\]: Failed password for root from 49.88.112.76 port 31270 ssh2 2020-06-05T10:19:56.006598shield sshd\[7868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.76 user=root	2020-06-05 18:21:22
73.67.179.188	attack	Jun 5 05:47:51 haigwepa sshd[15142]: Failed password for root from 73.67.179.188 port 40854 ssh2 ...	2020-06-05 18:17:12
58.250.0.73	attack	Jun 5 11:57:07 webhost01 sshd[2176]: Failed password for root from 58.250.0.73 port 43238 ssh2 ...	2020-06-05 18:10:32
88.214.26.53	attack	TCP (SYN) 88.214.26.53:42952 -> port 3389, len 44	2020-06-05 17:58:48
79.104.44.202	attack	Jun 5 07:57:52 santamaria sshd\[23570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.104.44.202 user=root Jun 5 07:57:54 santamaria sshd\[23570\]: Failed password for root from 79.104.44.202 port 52748 ssh2 Jun 5 08:01:46 santamaria sshd\[23653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.104.44.202 user=root ...	2020-06-05 17:50:22
106.12.133.103	attackbotsspam	Jun 5 10:22:07 gw1 sshd[5243]: Failed password for root from 106.12.133.103 port 48730 ssh2 ...	2020-06-05 17:55:17
218.164.215.74	attack	TCP (SYN) 218.164.215.74:22552 -> port 37215, len 40	2020-06-05 17:50:45
201.148.246.82	attack	(BR/Brazil/-) SMTP Bruteforcing attempts	2020-06-05 17:54:58

Recently Reported IPs

167.249.20.13	113.190.54.236	132.147.202.74	242.129.246.114
155.111.148.119	217.91.231.254	71.140.13.210	174.85.233.112
213.233.110.203	222.10.96.11	36.82.98.152	63.95.240.158
77.220.32.242	183.253.225.247	95.111.194.65	57.199.245.218
39.108.187.166	181.46.164.19	181.143.201.80	186.143.201.80