Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
149.56.44.101 attack
Automatic report - Banned IP Access
2020-10-10 07:59:50
149.56.44.101 attackbots
Invalid user cyrus from 149.56.44.101 port 32886
2020-10-10 00:22:53
149.56.44.101 attackbotsspam
Oct  9 09:56:57 Ubuntu-1404-trusty-64-minimal sshd\[32610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101  user=root
Oct  9 09:56:59 Ubuntu-1404-trusty-64-minimal sshd\[32610\]: Failed password for root from 149.56.44.101 port 46970 ssh2
Oct  9 10:03:52 Ubuntu-1404-trusty-64-minimal sshd\[9738\]: Invalid user test from 149.56.44.101
Oct  9 10:03:52 Ubuntu-1404-trusty-64-minimal sshd\[9738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101
Oct  9 10:03:54 Ubuntu-1404-trusty-64-minimal sshd\[9738\]: Failed password for invalid user test from 149.56.44.101 port 50264 ssh2
2020-10-09 16:09:23
149.56.44.101 attackspambots
Invalid user bishop from 149.56.44.101 port 44966
2020-09-24 20:38:41
149.56.44.101 attackbots
2020-09-24T04:11:20+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)
2020-09-24 12:36:05
149.56.44.101 attackbotsspam
Sep 23 17:02:28 rush sshd[10157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101
Sep 23 17:02:30 rush sshd[10157]: Failed password for invalid user u1 from 149.56.44.101 port 36014 ssh2
Sep 23 17:05:37 rush sshd[10224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101
...
2020-09-24 04:05:57
149.56.44.101 attackspam
Sep 18 17:23:24 havingfunrightnow sshd[17250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101 
Sep 18 17:23:27 havingfunrightnow sshd[17250]: Failed password for invalid user secretariat from 149.56.44.101 port 35762 ssh2
Sep 18 17:25:43 havingfunrightnow sshd[17366]: Failed password for root from 149.56.44.101 port 47086 ssh2
...
2020-09-18 23:35:16
149.56.44.101 attack
s3.hscode.pl - SSH Attack
2020-09-18 15:43:55
149.56.44.101 attack
Sep 17 21:07:52 buvik sshd[20354]: Failed password for invalid user i from 149.56.44.101 port 46290 ssh2
Sep 17 21:11:38 buvik sshd[21057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101  user=root
Sep 17 21:11:40 buvik sshd[21057]: Failed password for root from 149.56.44.101 port 58622 ssh2
...
2020-09-18 05:59:36
149.56.44.47 attackbots
2020-09-12T16:21[Censored Hostname] sshd[4615]: Failed password for root from 149.56.44.47 port 35648 ssh2
2020-09-12T16:21[Censored Hostname] sshd[4615]: Failed password for root from 149.56.44.47 port 35648 ssh2
2020-09-12T16:21[Censored Hostname] sshd[4615]: Failed password for root from 149.56.44.47 port 35648 ssh2[...]
2020-09-13 01:09:12
149.56.44.47 attack
Automatic report - Banned IP Access
2020-09-12 17:07:41
149.56.44.47 attackbots
Aug 30 00:43:35 itv-usvr-01 sshd[27840]: Invalid user admin from 149.56.44.47
Aug 30 00:43:36 itv-usvr-01 sshd[27840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.47
Aug 30 00:43:35 itv-usvr-01 sshd[27840]: Invalid user admin from 149.56.44.47
Aug 30 00:43:37 itv-usvr-01 sshd[27840]: Failed password for invalid user admin from 149.56.44.47 port 52174 ssh2
2020-08-30 03:24:10
149.56.44.47 attack
Aug 26 22:52:25 *hidden* sshd[21672]: Failed password for *hidden* from 149.56.44.47 port 36972 ssh2 Aug 26 22:52:29 *hidden* sshd[21672]: Failed password for *hidden* from 149.56.44.47 port 36972 ssh2 Aug 26 22:52:32 *hidden* sshd[21672]: Failed password for *hidden* from 149.56.44.47 port 36972 ssh2
2020-08-27 06:45:55
149.56.44.101 attack
Aug 21 07:50:17 fhem-rasp sshd[14621]: Invalid user oracle from 149.56.44.101 port 55060
...
2020-08-21 17:53:36
149.56.44.101 attack
SSH Brute-Forcing (server2)
2020-08-20 22:35:29
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.44.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.44.73.			IN	A

;; AUTHORITY SECTION:
.			217	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 04:36:36 CST 2022
;; MSG SIZE  rcvd: 105
Host info
73.44.56.149.in-addr.arpa domain name pointer 73.ip-149-56-44.net.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
73.44.56.149.in-addr.arpa	name = 73.ip-149-56-44.net.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
186.215.182.206 attackspam
Port 1433 Scan
2019-10-22 07:33:14
106.12.7.75 attack
Invalid user cisco from 106.12.7.75 port 43312
2019-10-22 07:43:50
115.85.213.217 attackspam
2019-10-21 20:49:35 auth_login authenticator failed for (…) [115.85.213.217]: 535 Incorrect authentication data (set_id=nologin@…)
2019-10-22 07:54:19
180.244.39.49 attack
Oct 21 21:35:24 nbi-636 sshd[21585]: Invalid user tomcat from 180.244.39.49 port 55282
Oct 21 21:35:26 nbi-636 sshd[21585]: Failed password for invalid user tomcat from 180.244.39.49 port 55282 ssh2
Oct 21 21:35:26 nbi-636 sshd[21585]: Received disconnect from 180.244.39.49 port 55282:11: Bye Bye [preauth]
Oct 21 21:35:26 nbi-636 sshd[21585]: Disconnected from 180.244.39.49 port 55282 [preauth]
Oct 21 21:53:20 nbi-636 sshd[25009]: User r.r from 180.244.39.49 not allowed because not listed in AllowUsers
Oct 21 21:53:20 nbi-636 sshd[25009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.244.39.49  user=r.r
Oct 21 21:53:21 nbi-636 sshd[25009]: Failed password for invalid user r.r from 180.244.39.49 port 40264 ssh2
Oct 21 21:53:21 nbi-636 sshd[25009]: Received disconnect from 180.244.39.49 port 40264:11: Bye Bye [preauth]
Oct 21 21:53:21 nbi-636 sshd[25009]: Disconnected from 180.244.39.49 port 40264 [preauth]
Oct 21 21:56:40 nbi........
-------------------------------
2019-10-22 07:44:35
201.219.236.100 attackspambots
2019-10-21 x@x
2019-10-21 21:42:00 unexpected disconnection while reading SMTP command from ip-100-236-219-201.nextelmovil.cl [201.219.236.100]:28062 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-10-21 x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=201.219.236.100
2019-10-22 07:51:04
117.200.9.220 attackspambots
Honeypot attack, port: 23, PTR: PTR record not found
2019-10-22 07:22:54
222.186.190.92 attack
2019-10-22T06:37:37.582470enmeeting.mahidol.ac.th sshd\[31021\]: User root from 222.186.190.92 not allowed because not listed in AllowUsers
2019-10-22T06:37:38.836872enmeeting.mahidol.ac.th sshd\[31021\]: Failed none for invalid user root from 222.186.190.92 port 43370 ssh2
2019-10-22T06:37:40.201135enmeeting.mahidol.ac.th sshd\[31021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.92  user=root
...
2019-10-22 07:39:47
114.92.117.248 attack
Unauthorized connection attempt from IP address 114.92.117.248 on Port 445(SMB)
2019-10-22 08:01:34
45.80.64.246 attackspam
Oct 22 01:29:14 h2177944 sshd\[29638\]: Invalid user mattp from 45.80.64.246 port 57428
Oct 22 01:29:14 h2177944 sshd\[29638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.246
Oct 22 01:29:16 h2177944 sshd\[29638\]: Failed password for invalid user mattp from 45.80.64.246 port 57428 ssh2
Oct 22 01:32:52 h2177944 sshd\[29894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.246  user=root
...
2019-10-22 07:38:25
198.71.241.47 attackspam
WordPress login Brute force / Web App Attack on client site.
2019-10-22 07:27:34
218.1.18.78 attack
Oct 21 19:20:20 *** sshd[11651]: Failed password for invalid user ubnt from 218.1.18.78 port 21487 ssh2
Oct 21 19:25:49 *** sshd[11729]: Failed password for invalid user hadoop from 218.1.18.78 port 38443 ssh2
Oct 21 19:31:21 *** sshd[11764]: Failed password for invalid user webmaster from 218.1.18.78 port 55408 ssh2
Oct 21 19:44:38 *** sshd[11953]: Failed password for invalid user genival from 218.1.18.78 port 32851 ssh2
Oct 21 19:50:05 *** sshd[12014]: Failed password for invalid user User from 218.1.18.78 port 49800 ssh2
Oct 21 20:24:11 *** sshd[12391]: Failed password for invalid user ubnt from 218.1.18.78 port 38560 ssh2
Oct 21 20:29:43 *** sshd[12459]: Failed password for invalid user zhz from 218.1.18.78 port 55513 ssh2
Oct 21 20:35:08 *** sshd[12490]: Failed password for invalid user tl from 218.1.18.78 port 15975 ssh2
Oct 21 20:40:38 *** sshd[12586]: Failed password for invalid user zk from 218.1.18.78 port 32934 ssh2
Oct 21 20:51:20 *** sshd[12709]: Failed password for invalid user om from 218.1.18.
2019-10-22 07:56:53
119.57.120.107 attackspam
Oct 21 23:45:52 server1 postfix/smtpd\[27443\]: warning: unknown\[119.57.120.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Oct 21 23:46:06 server1 postfix/smtpd\[27443\]: warning: unknown\[119.57.120.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Oct 21 23:46:25 server1 postfix/smtpd\[27443\]: warning: unknown\[119.57.120.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
2019-10-22 07:57:52
187.101.39.250 attackspambots
Port 1433 Scan
2019-10-22 07:29:45
94.132.227.190 attackspambots
2019-10-21 x@x
2019-10-21 21:45:21 unexpected disconnection while reading SMTP command from a94-132-227-190.cpe.netcabo.pt [94.132.227.190]:11494 I=[10.100.18.21]:25 (error: Connection reset by peer)
2019-10-21 x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=94.132.227.190
2019-10-22 07:47:26
157.245.129.1 attackspam
Honeypot attack, port: 23, PTR: PTR record not found
2019-10-22 07:34:08

Recently Reported IPs

149.56.42.72 149.56.38.103 59.169.220.7 149.56.66.200
149.56.45.2 149.56.75.192 149.56.8.103 149.56.80.223
149.56.95.20 149.56.9.173 149.62.168.3 149.62.172.228
149.62.172.185 149.62.172.114 149.81.125.216 149.71.234.40
149.86.103.235 149.86.102.139 149.8.161.126 149.86.98.19