167.61.3.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Uruguay

Internet Service Provider: Administracion Nacional de Telecomunicaciones

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	1433/tcp [2019-10-30]1pkt	2019-10-30 21:48:31

Comments on same subnet:

IP	Type	Details	Datetime
167.61.36.112	attack	Honeypot attack, port: 445, PTR: r167-61-36-112.dialup.adsl.anteldata.net.uy.	2020-03-25 23:09:35
167.61.30.44	attack	Unauthorized connection attempt detected from IP address 167.61.30.44 to port 80	2019-12-29 18:22:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.61.3.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61738
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;167.61.3.149.			IN	A

;; AUTHORITY SECTION:
.			403	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 21:48:25 CST 2019
;; MSG SIZE  rcvd: 116

Host info

149.3.61.167.in-addr.arpa domain name pointer r167-61-3-149.dialup.adsl.anteldata.net.uy.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.3.61.167.in-addr.arpa	name = r167-61-3-149.dialup.adsl.anteldata.net.uy.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.225.85.78	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 07:15:12
185.220.101.35	attack	02/09/2020-23:08:26.926343 185.220.101.35 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 32	2020-02-10 07:14:41
101.207.117.213	attackbotsspam	Feb 9 23:55:56 dcd-gentoo sshd[22163]: Invalid user appuser from 101.207.117.213 port 52792 Feb 9 23:58:25 dcd-gentoo sshd[22329]: Invalid user appuser from 101.207.117.213 port 40794 Feb 10 00:01:47 dcd-gentoo sshd[22556]: Invalid user appuser from 101.207.117.213 port 48487 ...	2020-02-10 07:25:04
78.186.49.146	attackspam	Honeypot attack, port: 81, PTR: 78.186.49.146.static.ttnet.com.tr.	2020-02-10 07:23:38
185.143.223.161	attack	Feb 10 00:26:01 grey postfix/smtpd\[18317\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.161\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.161\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.161\]\; from=\ to=\ proto=ESMTP helo=\<\[185.143.223.97\]\>Feb 10 00:26:01 grey postfix/smtpd\[18317\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.161\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.161\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.161\]\; from=\ to=\ proto=ESMTP helo=\<\[185.143.223.97\]\>Feb 10 00:26:01 grey postfix/smtpd\[18317\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.161\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.161\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.161\]\; from=\ to=\< ...	2020-02-10 07:50:04
182.72.207.148	attack	Feb 9 17:39:33 plusreed sshd[15477]: Invalid user yid from 182.72.207.148 ...	2020-02-10 07:52:49
45.134.179.57	attackspam	Feb 10 00:00:47 debian-2gb-nbg1-2 kernel: \[3548483.424482\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=59477 PROTO=TCP SPT=40864 DPT=3989 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-10 07:18:34
51.68.229.123	attack	wp-login.php	2020-02-10 07:26:23
217.15.61.178	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 07:54:14
218.92.0.191	attack	Feb 10 00:25:53 dcd-gentoo sshd[24098]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 10 00:25:55 dcd-gentoo sshd[24098]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 10 00:25:53 dcd-gentoo sshd[24098]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 10 00:25:55 dcd-gentoo sshd[24098]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 10 00:25:53 dcd-gentoo sshd[24098]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 10 00:25:55 dcd-gentoo sshd[24098]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 10 00:25:55 dcd-gentoo sshd[24098]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 49209 ssh2 ...	2020-02-10 07:38:54
47.89.179.29	attack	wp-login.php	2020-02-10 07:37:17
96.126.103.73	attackspam	Unauthorized connection attempt from IP address 96.126.103.73 on Port 445(SMB)	2020-02-10 07:49:47
46.218.85.69	attackbotsspam	Feb 10 00:08:50 silence02 sshd[20095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.218.85.69 Feb 10 00:08:52 silence02 sshd[20095]: Failed password for invalid user jiu from 46.218.85.69 port 42639 ssh2 Feb 10 00:12:08 silence02 sshd[21530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.218.85.69	2020-02-10 07:25:40
87.222.71.215	attack	TCP port 1346: Scan and connection	2020-02-10 07:50:32
202.187.131.110	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 07:51:47

Recently Reported IPs

40.171.212.130	44.242.218.154	227.32.26.122	246.78.23.107
105.21.241.240	253.223.105.8	163.14.169.6	173.175.149.200
200.205.166.203	49.182.255.55	23.134.170.184	7.186.112.89
127.177.88.216	123.34.220.201	202.252.162.174	220.99.83.197
113.102.129.48	80.253.194.163	135.108.238.191	122.1.144.54