58.11.2.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: True Internet Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts.	2020-02-17 19:47:21

Comments on same subnet:

IP	Type	Details	Datetime
58.11.2.52	attack	lfd: (smtpauth) Failed SMTP AUTH login from 58.11.2.52 (TH/Thailand/ppp-58-11-2-52.revip2.asianet.co.th): 5 in the last 3600 secs - Fri Nov 30 16:11:22 2018	2020-02-07 05:13:05
58.11.22.248	attackbotsspam	19/11/17@17:44:46: FAIL: IoT-Telnet address from=58.11.22.248 ...	2019-11-18 07:01:19
58.11.29.170	attackbots	Sun, 21 Jul 2019 07:35:06 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 01:56:51

Type

Details

Datetime

58.11.2.52

attack

lfd: (smtpauth) Failed SMTP AUTH login from 58.11.2.52 (TH/Thailand/ppp-58-11-2-52.revip2.asianet.co.th): 5 in the last 3600 secs - Fri Nov 30 16:11:22 2018

2020-02-07 05:13:05

58.11.22.248

attackbotsspam

19/11/17@17:44:46: FAIL: IoT-Telnet address from=58.11.22.248
...

2019-11-18 07:01:19

58.11.29.170

attackbots

Sun, 21 Jul 2019 07:35:06 +0000 likely compromised host or open proxy. ddos rate spidering

2019-07-22 01:56:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.11.2.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.11.2.18.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021700 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 19:47:12 CST 2020
;; MSG SIZE  rcvd: 114

Host info

18.2.11.58.in-addr.arpa domain name pointer ppp-58-11-2-18.revip2.asianet.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.2.11.58.in-addr.arpa	name = ppp-58-11-2-18.revip2.asianet.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.79.156.90	attackspambots	Sep 11 23:14:12 sshgateway sshd\[31459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-b1e1dbaf.vps.ovh.ca user=root Sep 11 23:14:14 sshgateway sshd\[31459\]: Failed password for root from 51.79.156.90 port 57816 ssh2 Sep 11 23:18:29 sshgateway sshd\[32113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-b1e1dbaf.vps.ovh.ca user=root	2020-09-12 15:42:44
106.13.226.152	attackspam	TCP (SYN) 106.13.226.152:48657 -> port 7326, len 44	2020-09-12 15:51:55
193.169.253.138	attackbots	Lines containing failures of 193.169.253.138 Sep 11 1 postfix/smtpd[15537]: connect from unknown[193.169.253.138] Sep 11 1 postfix/smtpd[15537]: lost connection after AUTH from unknown[193.169.253.138]	2020-09-12 16:09:40
93.108.242.140	attack	<6 unauthorized SSH connections	2020-09-12 15:59:40
152.136.196.155	attackbots	Sep 12 04:00:29 ws24vmsma01 sshd[7379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.196.155 Sep 12 04:00:30 ws24vmsma01 sshd[7379]: Failed password for invalid user admin from 152.136.196.155 port 54824 ssh2 ...	2020-09-12 15:54:49
119.5.157.124	attack	$f2bV_matches	2020-09-12 15:48:04
35.209.209.15	attack	$f2bV_matches	2020-09-12 15:37:25
117.247.226.29	attack	web-1 [ssh_2] SSH Attack	2020-09-12 15:45:36
80.82.70.214	attackbotsspam	Sep 12 09:25:00 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=80.82.70.214, lip=185.118.198.210, session=<4QvXshivPE1QUkbW> Sep 12 09:25:05 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=80.82.70.214, lip=185.118.198.210, session= Sep 12 09:26:26 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=80.82.70.214, lip=185.118.198.210, session= Sep 12 09:27:19 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=80.82.70.214, lip=185.118.198.210, session= Sep 12 09:28:50 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): us	2020-09-12 16:04:55
218.92.0.246	attackbotsspam	Sep 12 13:01:10 gw1 sshd[1873]: Failed password for root from 218.92.0.246 port 45368 ssh2 Sep 12 13:01:24 gw1 sshd[1873]: error: maximum authentication attempts exceeded for root from 218.92.0.246 port 45368 ssh2 [preauth] ...	2020-09-12 16:07:07
193.228.91.109	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-09-12 16:11:58
31.184.177.6	attackspam	SSH BruteForce Attack	2020-09-12 15:59:52
170.130.187.54	attack	Port Scan/VNC login attempt ...	2020-09-12 15:49:49
212.129.242.171	attackbotsspam	Sep 12 00:59:46 localhost sshd[3371982]: Failed password for root from 212.129.242.171 port 37738 ssh2 Sep 12 01:02:59 localhost sshd[3378847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.242.171 user=root Sep 12 01:03:01 localhost sshd[3378847]: Failed password for root from 212.129.242.171 port 55294 ssh2 Sep 12 01:06:10 localhost sshd[3385720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.242.171 user=root Sep 12 01:06:13 localhost sshd[3385720]: Failed password for root from 212.129.242.171 port 44614 ssh2 ...	2020-09-12 15:34:14
200.84.52.138	attack	20/9/11@13:33:44: FAIL: Alarm-Network address from=200.84.52.138 20/9/11@13:33:44: FAIL: Alarm-Network address from=200.84.52.138 ...	2020-09-12 16:11:06

Recently Reported IPs

75.127.0.18	103.57.141.118	45.127.204.1	60.25.162.169
196.217.162.132	195.158.9.250	107.170.238.47	201.209.249.249
201.205.255.71	69.206.241.161	176.100.173.50	103.13.123.25
220.134.219.216	167.86.112.134	222.236.44.84	4.96.154.6
49.245.60.203	196.216.12.122	54.165.145.171	82.135.250.20