1.1.158.142 - IPInfo

Basic Info

City: Bangkok

Region: Bangkok

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.1.158.132	attack	Unauthorized IMAP connection attempt	2020-01-16 22:02:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.158.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2687
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.1.158.142.			IN	A

;; AUTHORITY SECTION:
.			418	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022302 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 08:48:02 CST 2022
;; MSG SIZE  rcvd: 104

Host info

142.158.1.1.in-addr.arpa domain name pointer node-61a.pool-1-1.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.158.1.1.in-addr.arpa	name = node-61a.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.75.248.251	attackspambots	10/13/2019-17:08:09.124063 51.75.248.251 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-14 05:13:29
142.4.1.222	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-14 05:03:17
46.38.144.32	attackspambots	Oct 13 23:22:31 relay postfix/smtpd\[25578\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 23:23:11 relay postfix/smtpd\[24455\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 23:26:09 relay postfix/smtpd\[9958\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 23:26:51 relay postfix/smtpd\[24951\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 23:29:53 relay postfix/smtpd\[9958\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-14 05:31:13
92.119.160.143	attackbotsspam	10/13/2019-17:12:37.865119 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-14 05:30:45
168.181.50.60	attack	Mar 15 01:01:14 yesfletchmain sshd\[7080\]: Invalid user steve from 168.181.50.60 port 13880 Mar 15 01:01:14 yesfletchmain sshd\[7080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.50.60 Mar 15 01:01:16 yesfletchmain sshd\[7080\]: Failed password for invalid user steve from 168.181.50.60 port 13880 ssh2 Mar 15 01:07:36 yesfletchmain sshd\[7489\]: Invalid user admin from 168.181.50.60 port 12329 Mar 15 01:07:37 yesfletchmain sshd\[7489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.50.60 ...	2019-10-14 04:58:32
202.187.144.145	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 13-10-2019 21:15:20.	2019-10-14 05:33:56
58.162.140.172	attack	Oct 14 00:00:28 sauna sshd[170248]: Failed password for root from 58.162.140.172 port 48394 ssh2 ...	2019-10-14 05:13:59
188.166.1.95	attackspambots	Automatic report - Banned IP Access	2019-10-14 05:36:36
150.109.43.226	attackbots	Drupal Core Remote Code Execution Vulnerability	2019-10-14 05:27:59
153.92.126.13	attackspam	Message ID <-G761r1Z.mx227.ipsusterte.com@cisco.com> Created at: Sun, Oct 13, 2019 at 11:46 AM (Delivered after -3600 seconds) From: milf_31 To: me@cisco.com.uk Subject: milf_31 sent you pictures SPF: SOFTFAIL with IP 153.92.126.13 Learn more DKIM: 'PASS' with domain mx227.ipsusterte.com Learn more DMARC: 'PASS' Learn more	2019-10-14 05:27:07
71.6.142.87	attackbotsspam	10/13/2019-22:15:13.009906 71.6.142.87 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 71	2019-10-14 05:39:13
106.12.221.86	attackbots	Oct 13 10:26:55 auw2 sshd\[17194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.221.86 user=root Oct 13 10:26:56 auw2 sshd\[17194\]: Failed password for root from 106.12.221.86 port 34000 ssh2 Oct 13 10:30:47 auw2 sshd\[17498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.221.86 user=root Oct 13 10:30:50 auw2 sshd\[17498\]: Failed password for root from 106.12.221.86 port 41954 ssh2 Oct 13 10:34:45 auw2 sshd\[17797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.221.86 user=root	2019-10-14 05:36:56
106.12.21.212	attack	$f2bV_matches	2019-10-14 05:28:28
106.12.28.36	attackspam	Oct 13 22:11:06 MK-Soft-VM3 sshd[23699]: Failed password for root from 106.12.28.36 port 46510 ssh2 ...	2019-10-14 05:17:29
103.105.195.230	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-14 05:22:51

Recently Reported IPs

1.1.158.130	1.1.158.165	1.1.158.177	1.1.158.180
1.1.158.211	1.1.158.22	1.1.158.233	1.1.158.239
1.1.158.242	1.1.158.25	1.1.158.34	1.1.158.36
1.1.158.4	1.1.158.49	1.1.158.52	1.1.158.67
1.1.158.81	1.1.159.100	1.1.159.109	1.1.159.123