168.243.91.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: El Salvador

Internet Service Provider: Svnet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2020-03-27T03:59:27.902371shield sshd\[8522\]: Invalid user lqp from 168.243.91.20 port 50015 2020-03-27T03:59:27.911520shield sshd\[8522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail2.pddh.gob.sv 2020-03-27T03:59:29.406078shield sshd\[8522\]: Failed password for invalid user lqp from 168.243.91.20 port 50015 ssh2 2020-03-27T04:02:32.706876shield sshd\[9402\]: Invalid user wol from 168.243.91.20 port 49082 2020-03-27T04:02:32.714165shield sshd\[9402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail2.pddh.gob.sv	2020-03-27 12:27:37

Type

Details

Datetime

attackbotsspam

2020-03-27T03:59:27.902371shield sshd\[8522\]: Invalid user lqp from 168.243.91.20 port 50015
2020-03-27T03:59:27.911520shield sshd\[8522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail2.pddh.gob.sv
2020-03-27T03:59:29.406078shield sshd\[8522\]: Failed password for invalid user lqp from 168.243.91.20 port 50015 ssh2
2020-03-27T04:02:32.706876shield sshd\[9402\]: Invalid user wol from 168.243.91.20 port 49082
2020-03-27T04:02:32.714165shield sshd\[9402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail2.pddh.gob.sv

2020-03-27 12:27:37

Comments on same subnet:

IP	Type	Details	Datetime
168.243.91.19	attack	2020-03-23T23:50:04.278392whonock.onlinehub.pt sshd[4465]: Invalid user rico from 168.243.91.19 port 56500 2020-03-23T23:50:04.281440whonock.onlinehub.pt sshd[4465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 2020-03-23T23:50:04.278392whonock.onlinehub.pt sshd[4465]: Invalid user rico from 168.243.91.19 port 56500 2020-03-23T23:50:06.966338whonock.onlinehub.pt sshd[4465]: Failed password for invalid user rico from 168.243.91.19 port 56500 ssh2 2020-03-24T00:01:28.805549whonock.onlinehub.pt sshd[5548]: Invalid user magda from 168.243.91.19 port 56023 2020-03-24T00:01:28.810073whonock.onlinehub.pt sshd[5548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 2020-03-24T00:01:28.805549whonock.onlinehub.pt sshd[5548]: Invalid user magda from 168.243.91.19 port 56023 2020-03-24T00:01:30.727510whonock.onlinehub.pt sshd[5548]: Failed password for invalid user magda from 168.243.91.19 ...	2020-03-24 08:48:43
168.243.91.19	attackbotsspam	2020-03-17 19:21:46,583 fail2ban.actions: WARNING [ssh] Ban 168.243.91.19	2020-03-18 02:56:02
168.243.91.19	attackspam	$f2bV_matches	2020-03-10 00:43:12
168.243.91.19	attackbots	2020-03-07T05:54:44.577490ns386461 sshd\[2068\]: Invalid user pi from 168.243.91.19 port 38582 2020-03-07T05:54:44.582143ns386461 sshd\[2068\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 2020-03-07T05:54:46.135106ns386461 sshd\[2068\]: Failed password for invalid user pi from 168.243.91.19 port 38582 ssh2 2020-03-07T05:57:44.289851ns386461 sshd\[5039\]: Invalid user thomson from 168.243.91.19 port 59984 2020-03-07T05:57:44.294402ns386461 sshd\[5039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 ...	2020-03-07 14:05:31
168.243.91.19	attackspambots	Feb 20 20:42:22 hpm sshd\[28726\]: Invalid user nxautomation from 168.243.91.19 Feb 20 20:42:22 hpm sshd\[28726\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Feb 20 20:42:24 hpm sshd\[28726\]: Failed password for invalid user nxautomation from 168.243.91.19 port 56753 ssh2 Feb 20 20:45:49 hpm sshd\[29052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 user=man Feb 20 20:45:51 hpm sshd\[29052\]: Failed password for man from 168.243.91.19 port 43099 ssh2	2020-02-21 14:52:26
168.243.91.19	attackspambots	Dec 17 16:22:58 web8 sshd\[4652\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 user=root Dec 17 16:22:59 web8 sshd\[4652\]: Failed password for root from 168.243.91.19 port 39715 ssh2 Dec 17 16:29:09 web8 sshd\[7501\]: Invalid user yosef from 168.243.91.19 Dec 17 16:29:09 web8 sshd\[7501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Dec 17 16:29:11 web8 sshd\[7501\]: Failed password for invalid user yosef from 168.243.91.19 port 44258 ssh2	2019-12-18 00:33:06
168.243.91.19	attackspam	Dec 16 07:33:07 sachi sshd\[17021\]: Invalid user fitzsimons from 168.243.91.19 Dec 16 07:33:07 sachi sshd\[17021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Dec 16 07:33:09 sachi sshd\[17021\]: Failed password for invalid user fitzsimons from 168.243.91.19 port 53331 ssh2 Dec 16 07:39:29 sachi sshd\[17715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 user=sshd Dec 16 07:39:31 sachi sshd\[17715\]: Failed password for sshd from 168.243.91.19 port 56873 ssh2	2019-12-17 01:53:09
168.243.91.19	attackspambots	$f2bV_matches	2019-12-15 05:38:06
168.243.91.19	attackbots	Dec 8 16:56:05 v22018086721571380 sshd[29299]: Failed password for invalid user fansler from 168.243.91.19 port 56485 ssh2	2019-12-09 00:21:56
168.243.91.19	attackbots	Dec 6 16:38:54 markkoudstaal sshd[27295]: Failed password for root from 168.243.91.19 port 47349 ssh2 Dec 6 16:44:55 markkoudstaal sshd[27990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Dec 6 16:44:56 markkoudstaal sshd[27990]: Failed password for invalid user kojuro from 168.243.91.19 port 51790 ssh2	2019-12-07 00:01:13
168.243.91.19	attack	Dec 5 00:13:16 heissa sshd\[16691\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 user=root Dec 5 00:13:18 heissa sshd\[16691\]: Failed password for root from 168.243.91.19 port 57036 ssh2 Dec 5 00:22:48 heissa sshd\[18176\]: Invalid user cloud from 168.243.91.19 port 44205 Dec 5 00:22:48 heissa sshd\[18176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Dec 5 00:22:50 heissa sshd\[18176\]: Failed password for invalid user cloud from 168.243.91.19 port 44205 ssh2	2019-12-05 07:34:27
168.243.91.19	attack	Dec 3 23:26:16 ns3042688 sshd\[4897\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 user=root Dec 3 23:26:18 ns3042688 sshd\[4897\]: Failed password for root from 168.243.91.19 port 43039 ssh2 Dec 3 23:32:14 ns3042688 sshd\[6510\]: Invalid user sdtdserver from 168.243.91.19 Dec 3 23:32:14 ns3042688 sshd\[6510\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Dec 3 23:32:15 ns3042688 sshd\[6510\]: Failed password for invalid user sdtdserver from 168.243.91.19 port 48410 ssh2 ...	2019-12-04 06:33:44
168.243.91.19	attack	Nov 26 07:37:32 markkoudstaal sshd[17413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 Nov 26 07:37:34 markkoudstaal sshd[17413]: Failed password for invalid user lewison from 168.243.91.19 port 37583 ssh2 Nov 26 07:44:40 markkoudstaal sshd[18172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19	2019-11-26 19:45:22
168.243.91.19	attack	Nov 23 00:55:48 MK-Soft-VM6 sshd[10037]: Failed password for root from 168.243.91.19 port 33603 ssh2 ...	2019-11-23 08:27:04
168.243.91.19	attack	2019-11-21T05:42:21.367291shield sshd\[18727\]: Invalid user bef3968 from 168.243.91.19 port 48939 2019-11-21T05:42:21.372731shield sshd\[18727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19 2019-11-21T05:42:24.113627shield sshd\[18727\]: Failed password for invalid user bef3968 from 168.243.91.19 port 48939 ssh2 2019-11-21T05:46:27.052209shield sshd\[19009\]: Invalid user sacawa from 168.243.91.19 port 38801 2019-11-21T05:46:27.057908shield sshd\[19009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.243.91.19	2019-11-21 14:01:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.243.91.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14020
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.243.91.20.			IN	A

;; AUTHORITY SECTION:
.			401	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032601 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 27 12:27:33 CST 2020
;; MSG SIZE  rcvd: 117

Host info

20.91.243.168.in-addr.arpa domain name pointer mail2.pddh.gob.sv.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.91.243.168.in-addr.arpa	name = mail2.pddh.gob.sv.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.180.123.227	attackbots	Aug 4 21:44:15 ns381471 sshd[4301]: Failed password for root from 180.180.123.227 port 45155 ssh2	2020-08-05 06:34:18
49.235.221.172	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-04T20:31:47Z and 2020-08-04T20:39:08Z	2020-08-05 06:36:22
45.129.33.13	attackspam	Multiport scan : 39 ports scanned 1703 1706 1711 1712 1716 1720 1725 1727 1728 1731 1732 1734 1736 1737 1738 1740 1741 1743 1744 1745 1746 1747 1749 1750 1753 1762 1766 1768 1780 1783 1784 1789 1792 1793 1794 1797 1798 1868 1871	2020-08-05 06:31:06
178.128.217.135	attackspambots	Aug 4 19:50:38 vps46666688 sshd[8742]: Failed password for root from 178.128.217.135 port 59028 ssh2 ...	2020-08-05 06:59:47
202.153.37.194	attackspambots	Aug 4 21:04:37 localhost sshd\[8216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.153.37.194 user=root Aug 4 21:04:39 localhost sshd\[8216\]: Failed password for root from 202.153.37.194 port 19719 ssh2 Aug 4 21:17:05 localhost sshd\[8456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.153.37.194 user=root ...	2020-08-05 06:56:05
218.92.0.203	attack	2020-08-04T23:48:15.811895vps751288.ovh.net sshd\[26465\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.203 user=root 2020-08-04T23:48:17.600785vps751288.ovh.net sshd\[26465\]: Failed password for root from 218.92.0.203 port 41634 ssh2 2020-08-04T23:48:20.278356vps751288.ovh.net sshd\[26465\]: Failed password for root from 218.92.0.203 port 41634 ssh2 2020-08-04T23:48:22.368866vps751288.ovh.net sshd\[26465\]: Failed password for root from 218.92.0.203 port 41634 ssh2 2020-08-04T23:53:14.859665vps751288.ovh.net sshd\[26537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.203 user=root	2020-08-05 06:26:37
106.54.191.247	attackbotsspam	detected by Fail2Ban	2020-08-05 06:46:54
89.248.162.247	attackspam	TCP (SYN) 89.248.162.247:50377 -> port 22, len 44	2020-08-05 06:47:17
106.12.69.53	attackspam	2020-08-03T21:52:37.368645hostname sshd[74794]: Failed password for root from 106.12.69.53 port 44646 ssh2 ...	2020-08-05 06:31:49
180.76.103.247	attack	Aug 4 23:40:38 dev0-dcde-rnet sshd[18236]: Failed password for root from 180.76.103.247 port 53564 ssh2 Aug 4 23:43:31 dev0-dcde-rnet sshd[18275]: Failed password for root from 180.76.103.247 port 42016 ssh2	2020-08-05 06:49:03
222.186.175.151	attackspam	Aug 5 00:15:36 nas sshd[31365]: Failed password for root from 222.186.175.151 port 26408 ssh2 Aug 5 00:15:42 nas sshd[31365]: Failed password for root from 222.186.175.151 port 26408 ssh2 Aug 5 00:15:47 nas sshd[31365]: Failed password for root from 222.186.175.151 port 26408 ssh2 Aug 5 00:15:50 nas sshd[31365]: Failed password for root from 222.186.175.151 port 26408 ssh2 ...	2020-08-05 06:28:48
51.15.226.137	attackspambots	2020-08-04T11:36:19.733830correo.[domain] sshd[4240]: Failed password for root from 51.15.226.137 port 39902 ssh2 2020-08-04T11:39:33.994518correo.[domain] sshd[4925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.226.137 user=root 2020-08-04T11:39:35.514727correo.[domain] sshd[4925]: Failed password for root from 51.15.226.137 port 40084 ssh2 ...	2020-08-05 06:54:19
5.58.16.212	attack	1596563729 - 08/04/2020 19:55:29 Host: 5.58.16.212/5.58.16.212 Port: 445 TCP Blocked	2020-08-05 06:39:08
51.195.53.216	attackbots	Aug 4 23:58:11 ip40 sshd[14028]: Failed password for root from 51.195.53.216 port 45830 ssh2 ...	2020-08-05 06:51:40
3.80.80.98	attackspam	Looks like invalid Webpage scraping	2020-08-05 06:50:04

Recently Reported IPs

39.217.69.25	145.112.182.144	110.111.173.91	31.82.162.136
15.8.55.248	132.179.200.251	60.215.31.40	67.149.57.37
159.203.219.38	58.17.250.96	25.138.152.158	51.38.131.68
54.37.71.204	14.221.173.223	218.64.210.230	14.183.99.51
125.163.208.194	110.167.30.110	58.247.201.25	115.56.111.254