149.56.158.7 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.158.24	attack	445/tcp 1433/tcp... [2020-02-23/04-05]4pkt,2pt.(tcp)	2020-04-06 04:37:51
149.56.158.24	attack	suspicious action Mon, 24 Feb 2020 01:51:34 -0300	2020-02-24 16:42:35
149.56.158.24	attackspam	Unauthorized connection attempt detected from IP address 149.56.158.24 to port 1433 [J]	2020-01-06 17:57:00
149.56.158.24	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2019-12-12 08:55:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.158.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29696
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.158.7.			IN	A

;; AUTHORITY SECTION:
.			415	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011002 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 11 15:00:42 CST 2022
;; MSG SIZE  rcvd: 105

Host info

7.158.56.149.in-addr.arpa domain name pointer kvm.medicinasa.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
7.158.56.149.in-addr.arpa	name = kvm.medicinasa.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.204.42.58	attack	Invalid user eddie from 129.204.42.58 port 55937	2019-08-23 13:28:59
134.209.202.84	attackbots	Invalid user admin from 134.209.202.84 port 51102	2019-08-23 13:47:07
162.247.74.202	attackbots	Invalid user james from 162.247.74.202 port 33140	2019-08-23 13:45:40
197.248.205.54	attackbotsspam	Aug 23 05:43:19 nextcloud sshd\[26395\]: Invalid user xie from 197.248.205.54 Aug 23 05:43:19 nextcloud sshd\[26395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.205.54 Aug 23 05:43:22 nextcloud sshd\[26395\]: Failed password for invalid user xie from 197.248.205.54 port 56708 ssh2 ...	2019-08-23 12:53:58
51.68.70.175	attackbotsspam	Aug 23 02:17:11 yabzik sshd[13849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.175 Aug 23 02:17:13 yabzik sshd[13849]: Failed password for invalid user bmm from 51.68.70.175 port 53016 ssh2 Aug 23 02:21:04 yabzik sshd[15296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.175	2019-08-23 12:36:20
192.141.234.231	attackspam	Port Scan: TCP/22	2019-08-23 13:39:53
92.118.37.97	attackspam	08/23/2019-00:59:38.487686 92.118.37.97 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-23 13:22:18
206.189.162.87	attackbotsspam	Aug 22 23:20:24 mail sshd[8520]: Invalid user laxmi from 206.189.162.87 Aug 22 23:20:24 mail sshd[8520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.162.87 Aug 22 23:20:24 mail sshd[8520]: Invalid user laxmi from 206.189.162.87 Aug 22 23:20:26 mail sshd[8520]: Failed password for invalid user laxmi from 206.189.162.87 port 55122 ssh2 Aug 22 23:28:11 mail sshd[20351]: Invalid user ts3sleep from 206.189.162.87 ...	2019-08-23 12:34:07
54.39.29.105	attackbots	Aug 22 19:12:20 kapalua sshd\[3905\]: Invalid user arkserver from 54.39.29.105 Aug 22 19:12:20 kapalua sshd\[3905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns557495.ip-54-39-29.net Aug 22 19:12:22 kapalua sshd\[3905\]: Failed password for invalid user arkserver from 54.39.29.105 port 59188 ssh2 Aug 22 19:16:34 kapalua sshd\[4358\]: Invalid user ts3bot from 54.39.29.105 Aug 22 19:16:34 kapalua sshd\[4358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns557495.ip-54-39-29.net	2019-08-23 13:22:54
118.98.121.195	attackbotsspam	Aug 23 06:54:33 v22019058497090703 sshd[7716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.121.195 Aug 23 06:54:35 v22019058497090703 sshd[7716]: Failed password for invalid user sms from 118.98.121.195 port 58912 ssh2 Aug 23 06:59:37 v22019058497090703 sshd[8083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.121.195 ...	2019-08-23 13:19:49
106.13.37.253	attack	Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:08 itv-usvr-01 sshd[25343]: Failed password for invalid user xiaojie from 106.13.37.253 port 45878 ssh2 Aug 22 05:37:11 itv-usvr-01 sshd[25582]: Invalid user tina from 106.13.37.253	2019-08-23 12:32:30
14.140.192.7	attackbots	Aug 23 05:03:40 mail sshd\[24049\]: Invalid user lawrence from 14.140.192.7 Aug 23 05:03:40 mail sshd\[24049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.140.192.7 Aug 23 05:03:42 mail sshd\[24049\]: Failed password for invalid user lawrence from 14.140.192.7 port 18543 ssh2 ...	2019-08-23 12:43:28
121.142.111.230	attack	Aug 23 06:00:20 XXX sshd[17319]: Invalid user ofsaa from 121.142.111.230 port 56032	2019-08-23 13:10:05
107.172.77.205	attackspambots	Aug 22 19:11:54 hiderm sshd\[31068\]: Invalid user hue from 107.172.77.205 Aug 22 19:11:54 hiderm sshd\[31068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.172.77.205 Aug 22 19:11:56 hiderm sshd\[31068\]: Failed password for invalid user hue from 107.172.77.205 port 51980 ssh2 Aug 22 19:16:05 hiderm sshd\[31390\]: Invalid user test from 107.172.77.205 Aug 22 19:16:05 hiderm sshd\[31390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.172.77.205	2019-08-23 13:23:52
139.59.59.187	attackspam	SSHD brute force attack detected by fail2ban	2019-08-23 12:50:35

Recently Reported IPs

203.252.10.193	195.206.111.206	0.28.136.77	13.226.247.71
134.42.122.58	10.116.70.115	115.182.47.223	178.151.70.100
157.185.163.40	127.56.105.107	168.68.111.142	104.210.155.118
217.160.40.205	197.37.195.79	28.4.180.172	159.50.103.15
25.178.207.26	183.210.62.138	19.81.11.65	111.150.90.132