167.249.20.1 - IPInfo

Basic Info

City: San Miguel

Region: San Miguel

Country: El Salvador

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.249.206.35	attack	Jan 11 05:49:22 grey postfix/smtpd\[9288\]: NOQUEUE: reject: RCPT from ip167-249-206-35.mentrix.com.br\[167.249.206.35\]: 554 5.7.1 Service unavailable\; Client host \[167.249.206.35\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[167.249.206.35\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 18:48:12
167.249.206.13	attack	Port Scan	2019-10-23 20:57:17

Type

Details

Datetime

167.249.206.35

attack

Jan 11 05:49:22 grey postfix/smtpd\[9288\]: NOQUEUE: reject: RCPT from ip167-249-206-35.mentrix.com.br\[167.249.206.35\]: 554 5.7.1 Service unavailable\; Client host \[167.249.206.35\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[167.249.206.35\]\; from=\ to=\ proto=ESMTP helo=\
...

2020-01-11 18:48:12

167.249.206.13

attack

Port Scan

2019-10-23 20:57:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.249.20.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31309
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.249.20.1.			IN	A

;; AUTHORITY SECTION:
.			226	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023080900 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 10 01:59:07 CST 2023
;; MSG SIZE  rcvd: 105

Host info

Host 1.20.249.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.20.249.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.56.70.168	attackspam	$f2bV_matches	2020-03-19 02:45:55
177.72.13.80	attackspambots	SSH login attempts with user root.	2020-03-19 03:02:17
106.12.48.217	attackbotsspam	Mar 18 08:25:32 server1 sshd\[11518\]: Invalid user influxdb from 106.12.48.217 Mar 18 08:25:32 server1 sshd\[11518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Mar 18 08:25:34 server1 sshd\[11518\]: Failed password for invalid user influxdb from 106.12.48.217 port 47616 ssh2 Mar 18 08:29:27 server1 sshd\[12495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root Mar 18 08:29:29 server1 sshd\[12495\]: Failed password for root from 106.12.48.217 port 60872 ssh2 ...	2020-03-19 02:34:09
183.77.139.175	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 18-03-2020 17:00:39.	2020-03-19 02:59:55
113.184.40.133	attackbotsspam	Honeypot attack, port: 81, PTR: static.vnpt.vn.	2020-03-19 02:39:27
91.103.248.25	attackbots	1584536869 - 03/18/2020 14:07:49 Host: 91.103.248.25/91.103.248.25 Port: 445 TCP Blocked	2020-03-19 03:00:27
222.186.52.86	attackspambots	Mar 18 14:35:24 ny01 sshd[3521]: Failed password for root from 222.186.52.86 port 31027 ssh2 Mar 18 14:36:30 ny01 sshd[3942]: Failed password for root from 222.186.52.86 port 38873 ssh2	2020-03-19 02:58:38
2606:4700:20::681a:56	spam	AGAIN and AGAIN and ALWAYS the same REGISTRARS as namecheap.com, whoisguard.com, namesilo.com, privacyguardian.org and cloudflare.com TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... And Link as usual by bit.ly to delette IMMEDIATELY too ! MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! surfsupport.club => namecheap.com => whoisguard.com surfsupport.club => 192.64.119.6 162.255.119.153 => namecheap.com https://www.mywot.com/scorecard/surfsupport.club https://www.mywot.com/scorecard/namecheap.com https://www.mywot.com/scorecard/whoisguard.com https://en.asytech.cn/check-ip/162.255.119.153 AS USUAL since few days for PHISHING and SCAM send to : http://bit.ly/412dd4z which resend to : https://enticingse.com/fr-carrefour/?s1=16T&s2=d89bb555-d96f-468b-b60b-1dc635000f2b&s3=&s4=&s5=&Fname=&Lname=&Email=#/0 enticingse.com => namesilo.com => privacyguardian.org enticingse.com => 104.27.177.33 104.27.177.33 => cloudflare.com namesilo.com => 104.17.175.85 privacyguardian.org => 2606:4700:20::681a:56 => cloudflare.com https://www.mywot.com/scorecard/enticingse.com https://www.mywot.com/scorecard/namesilo.com https://www.mywot.com/scorecard/privacyguardian.org https://www.mywot.com/scorecard/cloudflare.com https://en.asytech.cn/check-ip/104.27.177.33 https://en.asytech.cn/check-ip/2606:4700:20::681a:56	2020-03-19 03:06:56
193.37.255.114	attack	" "	2020-03-19 02:36:39
31.14.142.162	attackspambots	Mar 18 19:32:25 ns3042688 sshd\[15578\]: Invalid user cpanelphpmyadmin from 31.14.142.162 Mar 18 19:32:25 ns3042688 sshd\[15578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.142.162 Mar 18 19:32:27 ns3042688 sshd\[15578\]: Failed password for invalid user cpanelphpmyadmin from 31.14.142.162 port 39403 ssh2 Mar 18 19:36:38 ns3042688 sshd\[15939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.142.162 user=root Mar 18 19:36:40 ns3042688 sshd\[15939\]: Failed password for root from 31.14.142.162 port 49656 ssh2 ...	2020-03-19 03:01:01
190.208.32.110	attack	Mar 18 17:59:56 xeon sshd[57878]: Failed password for invalid user chris from 190.208.32.110 port 51922 ssh2	2020-03-19 02:47:57
51.15.204.102	attackspambots	Mar 15 17:15:59 mx01 sshd[21415]: reveeclipse mapping checking getaddrinfo for 102-204-15-51.rev.cloud.scaleway.com [51.15.204.102] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 15 17:15:59 mx01 sshd[21415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.204.102 user=r.r Mar 15 17:16:01 mx01 sshd[21415]: Failed password for r.r from 51.15.204.102 port 51982 ssh2 Mar 15 17:16:01 mx01 sshd[21415]: Received disconnect from 51.15.204.102: 11: Bye Bye [preauth] Mar 15 17:16:02 mx01 sshd[21434]: reveeclipse mapping checking getaddrinfo for 102-204-15-51.rev.cloud.scaleway.com [51.15.204.102] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 15 17:16:02 mx01 sshd[21434]: Invalid user admin from 51.15.204.102 Mar 15 17:16:02 mx01 sshd[21434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.204.102 Mar 15 17:16:04 mx01 sshd[21434]: Failed password for invalid user admin from 51.15.204.102 port 56708 s........ -------------------------------	2020-03-19 02:38:41
103.44.15.89	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 02:46:11
116.109.5.47	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 03:06:59
139.59.188.207	attack	SSH brutforce	2020-03-19 03:10:10

Recently Reported IPs

167.249.20.13	113.190.54.236	132.147.202.74	242.129.246.114
155.111.148.119	217.91.231.254	71.140.13.210	174.85.233.112
213.233.110.203	222.10.96.11	36.82.98.152	63.95.240.158
77.220.32.242	183.253.225.247	95.111.194.65	57.199.245.218
39.108.187.166	181.46.164.19	181.143.201.80	186.143.201.80