216.167.1.158 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
216.167.161.219	attackbotsspam	SSH login attempts.	2020-06-19 15:08:22
216.167.191.57	attackspam	Unauthorized connection attempt detected from IP address 216.167.191.57 to port 82 [J]	2020-01-21 20:40:30
216.167.162.37	attackbots	Sending SPAM email	2019-12-23 20:36:05
216.167.134.158	attack	2019-12-07T12:52:49.029734scmdmz1 sshd\[31859\]: Invalid user ssh from 216.167.134.158 port 34424 2019-12-07T12:52:49.032463scmdmz1 sshd\[31859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=microfour.nts-online.net 2019-12-07T12:52:50.570964scmdmz1 sshd\[31859\]: Failed password for invalid user ssh from 216.167.134.158 port 34424 ssh2 ...	2019-12-07 20:11:42
216.167.162.37	attack	2019-08-10 17:26:58 H=(lolafitness.it) [216.167.162.37]:47762 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-10 17:27:00 H=(lolafitness.it) [216.167.162.37]:47762 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-10 17:27:02 H=(lolafitness.it) [216.167.162.37]:47762 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-08-11 11:11:49

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       216.167.0.0 - 216.167.127.255
CIDR:           216.167.0.0/17
NetName:        NTTA-216-167
NetHandle:      NET-216-167-0-0-1
Parent:         NET216 (NET-216-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   NTT America, Inc. (NTTAM-1)
RegDate:        2001-02-06
Updated:        2023-10-04
Comment:        Geofeed https://geo.ip.gin.ntt.net/geofeeds/geofeeds.csv
Comment:        Reassignment information for this block is
Comment:        available at rwhois.gin.ntt.net port 4321
Ref:            https://rdap.arin.net/registry/ip/216.167.0.0



OrgName:        NTT America, Inc.
OrgId:          NTTAM-1
Address:        15809 Bear Creek Pkwy
Address:        Suite 320
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        2005-12-08
Updated:        2024-03-04
Ref:            https://rdap.arin.net/registry/entity/NTTAM-1

ReferralServer:  rwhois://rwhois.gin.ntt.net:4321

OrgAbuseHandle: NAAC-ARIN
OrgAbuseName:   NTT America Abuse Contact
OrgAbusePhone:  +1-877-688-6625 
OrgAbuseEmail:  abuse@ntt.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/NAAC-ARIN

OrgTechHandle: VIPAR-ARIN
OrgTechName:   VIPAR
OrgTechPhone:  +1-877-688-6625 
OrgTechEmail:  ipr@gin.ntt.net
OrgTechRef:    https://rdap.arin.net/registry/entity/VIPAR-ARIN

OrgNOCHandle: NASC-ARIN
OrgNOCName:   NTT America Support Contact
OrgNOCPhone:  +1-877-688-6625 
OrgNOCEmail:  ce-support@gin.ntt.net
OrgNOCRef:    https://rdap.arin.net/registry/entity/NASC-ARIN

OrgTechHandle: CANDE70-ARIN
OrgTechName:   Candela, Massimo 
OrgTechPhone:  +1-214-915-1366 
OrgTechEmail:  massimo@ntt.net
OrgTechRef:    https://rdap.arin.net/registry/entity/CANDE70-ARIN

OrgRoutingHandle: PEERI-ARIN
OrgRoutingName:   Peering
OrgRoutingPhone:  +1-877-688-6625 
OrgRoutingEmail:  peering@ntt.net
OrgRoutingRef:    https://rdap.arin.net/registry/entity/PEERI-ARIN

RTechHandle: VIA4-ORG-ARIN
RTechName:   VIPAR
RTechPhone:  +1-877-688-6625 
RTechEmail:  ipr@gin.ntt.net
RTechRef:    https://rdap.arin.net/registry/entity/VIA4-ORG-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to rwhois.gin.ntt.net:4321.

%rwhois V-1.5:0078b6:00 rwhois.gin.ntt.net (Vipar 0.1a. Comments to ipr@gin.ntt.net)
network:Class-Name:network
network:Auth-Area:216.167.0.0/17
network:ID:NETBLK-USV4-216-167-000.127.0.0.1/32
network:Handle:NETBLK-USV4-216-167-000
network:Network-Name:USV4-216-167-000
network:IP-Network:216.167.0.0/17
network:In-Addr-Server;I:GIN1-HST.127.0.0.1/32
network:In-Addr-Server;I:GIN2-HST.127.0.0.1/32
network:In-Addr-Server;I:GIN3-HST.127.0.0.1/32
network:In-Addr-Server;I:GIN4-HST.127.0.0.1/32
network:In-Addr-Server;I:GIN5-HST.127.0.0.1/32
network:IP-Network-Block:216.167.0.0 - 216.167.127.255
network:Org-Name:NTT DATA
network:Street-Address:8300 E Maplewood Ave. Suite 400
network:City:Greenwood Village
network:State:CO
network:Postal-Code:80111
network:Country-Code:US
network:Tech-Contact;I:GIN-BBV4.127.0.0.1/32
network:Created:2000-05-23 06:26:41+00
network:Updated:2025-07-11 13:36:18.422828+00

%ok

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.167.1.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1396
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;216.167.1.158.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026031000 1800 900 604800 86400

;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 01:27:40 CST 2026
;; MSG SIZE  rcvd: 106

Host info

Host 158.1.167.216.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 216.167.1.158.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.75.86.217	attackspam	2019-09-09T11:45:44.472841abusebot-5.cloudsearch.cf sshd\[21956\]: Invalid user web from 106.75.86.217 port 35508	2019-09-09 19:54:49
112.17.160.200	attackbots	Sep 9 01:41:53 eddieflores sshd\[6351\]: Invalid user vnc from 112.17.160.200 Sep 9 01:41:53 eddieflores sshd\[6351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.17.160.200 Sep 9 01:41:55 eddieflores sshd\[6351\]: Failed password for invalid user vnc from 112.17.160.200 port 45644 ssh2 Sep 9 01:48:36 eddieflores sshd\[6924\]: Invalid user zabbix from 112.17.160.200 Sep 9 01:48:36 eddieflores sshd\[6924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.17.160.200	2019-09-09 19:57:40
92.222.71.125	attack	Sep 8 19:42:26 web1 sshd\[9756\]: Invalid user ftpuser from 92.222.71.125 Sep 8 19:42:26 web1 sshd\[9756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.71.125 Sep 8 19:42:27 web1 sshd\[9756\]: Failed password for invalid user ftpuser from 92.222.71.125 port 59442 ssh2 Sep 8 19:48:18 web1 sshd\[10343\]: Invalid user developer from 92.222.71.125 Sep 8 19:48:18 web1 sshd\[10343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.71.125	2019-09-09 20:03:22
106.12.210.229	attackbots	Sep 9 13:38:37 dedicated sshd[29324]: Invalid user 1 from 106.12.210.229 port 38866	2019-09-09 19:50:51
49.146.40.222	attackspam	Unauthorized connection attempt from IP address 49.146.40.222 on Port 445(SMB)	2019-09-09 19:58:35
125.166.94.98	attack	Unauthorized connection attempt from IP address 125.166.94.98 on Port 445(SMB)	2019-09-09 19:24:10
182.61.15.70	attackspambots	Sep 9 06:43:52 v11 sshd[16707]: Invalid user user from 182.61.15.70 port 51966 Sep 9 06:43:54 v11 sshd[16707]: Failed password for invalid user user from 182.61.15.70 port 51966 ssh2 Sep 9 06:43:54 v11 sshd[16707]: Received disconnect from 182.61.15.70 port 51966:11: Bye Bye [preauth] Sep 9 06:43:54 v11 sshd[16707]: Disconnected from 182.61.15.70 port 51966 [preauth] Sep 9 06:46:10 v11 sshd[16790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.15.70 user=r.r Sep 9 06:46:11 v11 sshd[16790]: Failed password for r.r from 182.61.15.70 port 39498 ssh2 Sep 9 06:46:11 v11 sshd[16790]: Received disconnect from 182.61.15.70 port 39498:11: Bye Bye [preauth] Sep 9 06:46:11 v11 sshd[16790]: Disconnected from 182.61.15.70 port 39498 [preauth] Sep 9 06:49:41 v11 sshd[17019]: Invalid user usuario from 182.61.15.70 port 55280 Sep 9 06:49:43 v11 sshd[17019]: Failed password for invalid user usuario from 182.61.15.70 port 55280 ........ -------------------------------	2019-09-09 19:34:29
187.188.193.211	attackspambots	Sep 9 13:49:31 vps647732 sshd[19914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.193.211 Sep 9 13:49:32 vps647732 sshd[19914]: Failed password for invalid user developer from 187.188.193.211 port 59456 ssh2 ...	2019-09-09 19:59:10
118.97.79.218	attackspam	Unauthorized connection attempt from IP address 118.97.79.218 on Port 445(SMB)	2019-09-09 19:53:17
51.254.123.131	attackbots	Sep 9 07:54:26 eventyay sshd[22474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.131 Sep 9 07:54:28 eventyay sshd[22474]: Failed password for invalid user test123! from 51.254.123.131 port 55752 ssh2 Sep 9 07:59:49 eventyay sshd[22612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.131 ...	2019-09-09 19:21:12
141.98.9.67	attackspambots	Sep 9 13:15:51 relay postfix/smtpd\[32260\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 13:16:15 relay postfix/smtpd\[32308\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 13:16:34 relay postfix/smtpd\[11731\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 13:16:57 relay postfix/smtpd\[30848\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 13:17:16 relay postfix/smtpd\[11732\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-09 19:32:58
115.94.141.62	attackbotsspam	Sep 9 01:46:48 hcbb sshd\[13642\]: Invalid user mcadmin from 115.94.141.62 Sep 9 01:46:49 hcbb sshd\[13642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.141.62 Sep 9 01:46:51 hcbb sshd\[13642\]: Failed password for invalid user mcadmin from 115.94.141.62 port 55184 ssh2 Sep 9 01:53:34 hcbb sshd\[14233\]: Invalid user sinus from 115.94.141.62 Sep 9 01:53:34 hcbb sshd\[14233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.141.62	2019-09-09 20:12:38
125.163.208.225	attackbotsspam	Unauthorized connection attempt from IP address 125.163.208.225 on Port 445(SMB)	2019-09-09 19:54:28
203.210.197.189	attack	Unauthorized connection attempt from IP address 203.210.197.189 on Port 445(SMB)	2019-09-09 19:56:13
207.195.247.4	attackspam	Posted spammy content - typically SEO webspam	2019-09-09 19:35:32

Recently Reported IPs

47.92.232.117	36.43.201.192	159.65.156.72	139.59.67.232
68.183.81.163	157.245.108.89	38.34.8.202	52.87.243.92
139.59.66.30	157.245.243.118	139.59.89.35	116.76.37.65
34.58.19.223	192.81.168.2	41.59.227.69	167.71.230.20
159.65.156.134	216.167.83.137	1.9.4.61	58.35.19.126