JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.94.209.56

158.94.209.56 was found in our database!

This IP was reported 118 times. Confidence of Abuse is 100%: ?

100%

ISP	OMEGATECH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202412
Domain Name	omegatech.sc
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.94.209.56

Whois 158.94.209.56

IP Abuse Reports for 158.94.209.56:

This IP address has been reported a total of 118 times from 62 distinct sources. 158.94.209.56 was first reported on April 2nd 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-07 11:38:48 (11 hours ago)	Apr 7 07:26:54 mail fail2ban.actions [619]: NOTICE [postfix-pregreet] Ban 158.94.209.56 Apr ... show more Apr 7 07:26:54 mail fail2ban.actions [619]: NOTICE [postfix-pregreet] Ban 158.94.209.56 Apr 7 08:43:33 mail fail2ban.actions [619]: NOTICE [postfix-pregreet] Ban 158.94.209.56 Apr 7 10:00:15 mail fail2ban.actions [619]: NOTICE [postfix-pregreet] Ban 158.94.209.56 show less	Brute-Force SSH
🇬🇧 PeravixGroup	2026-06-03 19:29:39 (4 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 25. Severity: CRITIC ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 25. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇪🇸 Gem	2026-06-02 22:00:36 (5 days ago)	Unauthorized mail server scanning	Port Scan
🇵🇱 genokrad	2026-06-02 08:25:12 (5 days ago)	Unauthorized connection attempt on TCP/25 (SMTP)	Port Scan
🇬🇧 PeravixGroup	2026-06-02 07:28:52 (5 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 25. Severity: CRITIC ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 25. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇪🇸 didevi	2026-06-02 06:26:14 (5 days ago)	SPAM or Brute force attack detected	Email Spam Brute-Force
🇵🇱 mkey	2026-06-02 06:05:12 (5 days ago)	Source IP from blacklist is still actively scanning our network. (7 hits in last hour, last seen 202 ... show more Source IP from blacklist is still actively scanning our network. (7 hits in last hour, last seen 2026-06-02 07:21:48) show less	Port Scan
🇹🇭 Sawasdee	2026-06-01 17:33:12 (6 days ago)	Port Scan ...	Port Scan
Anonymous	2026-06-01 14:09:46 (6 days ago)	2026-06-01T14:09:43.475874+00:00 mail postfix/submission/smtpd[1910128]: lost connection after CONNE ... show more 2026-06-01T14:09:43.475874+00:00 mail postfix/submission/smtpd[1910128]: lost connection after CONNECT from unknown[158.94.209.56] 2026-06-01T14:09:44.340713+00:00 mail postfix/submission/smtpd[1910128]: NOQUEUE: reject: RCPT from unknown[158.94.209.56]: 554 5.7.1 <unknown[158.94.209.56]>: Client host rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<win-7n1fiecl6ic.domain> 2026-06-01T14:09:46.433619+00:00 mail postfix/submission/smtpd[1910200]: warning: unknown[158.94.209.56]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=info ... show less	Email Spam Brute-Force
🇩🇪 Nerdscave Hosting	2026-06-01 11:30:02 (6 days ago)	SMTP brute-force detected by Fail2Ban in plesk-postfix jail	Email Spam Brute-Force
🇬🇧 PeravixGroup	2026-06-01 11:28:24 (6 days ago)	Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aara ... show more Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aaran.cloud show less	Email Spam
🇫🇮 Yachiyo Runami	2026-05-30 07:12:59 (1 week ago)	Port Scan on Honeypot \| Ports: 25/SMTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 119 \| Len: 52B \| Win: ... show more Port Scan on Honeypot \| Ports: 25/SMTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 119 \| Len: 52B \| Win: 8192(1) \| F2B/ufw-honeypot@2026-05-30T07:12:59Z show less	Port Scan Hacking
🇩🇪 Yachiyo Runami	2026-05-30 06:56:02 (1 week ago)	Port Scan on Honeypot \| Ports: 25/SMTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 116 \| Len: 52B \| Win: ... show more Port Scan on Honeypot \| Ports: 25/SMTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 116 \| Len: 52B \| Win: 8192(1) \| F2B/ufw-honeypot@2026-05-30T06:56:02Z show less	Port Scan Hacking
🇳🇱 CryptoYakari	2026-05-29 22:20:21 (1 week ago)	2026-05-30 01:20:20 dovecot_login authenticator failed for (User) [158.94.209.56]: 535 Incorrect aut ... show more 2026-05-30 01:20:20 dovecot_login authenticator failed for (User) [158.94.209.56]: 535 Incorrect authentication data (set_id=error) ... show less	Email Spam Spoofing Brute-Force
🇧🇷 SvrAdmin	2026-05-29 21:24:06 (1 week ago)	[293] (smtpauth) Failed SMTP AUTH login from 158.94.209.56 (NL/The Netherlands/-): 5 in the last 360 ... show more [293] (smtpauth) Failed SMTP AUTH login from 158.94.209.56 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: May 29 18:20:39 cwp01 postfix/smtpd[31921]: warning: unknown[158.94.209.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 18:21:19 cwp01 postfix/smtpd[31921]: warning: unknown[158.94.209.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 18:22:24 cwp01 postfix/smtpd[31921]: warning: unknown[158.94.209.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 18:23:13 cwp01 postfix/smtpd[31921]: warning: unknown[158.94.209.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 29 18:24:01 cwp01 postfix/smtpd[31921]: warning: unknown[158.94.209.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 show less	Port Scan Hacking Brute-Force Exploited Host

Showing 1 to 15 of 118 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 212.192.240.126

🇩🇪 167.94.146.58

🇺🇸 109.105.210.64

🇭🇰 45.142.154.13

🇺🇸 209.141.46.91

🇻🇪 200.8.158.118

🇺🇸 173.239.240.151

🇳🇬 165.154.11.202

🇧🇷 164.163.24.11

🇺🇸 159.203.182.190

🇨🇦 142.68.19.140

🇬🇧 104.143.239.109

🇺🇸 47.251.124.86

🇸🇬 47.84.134.78

🇨🇳 27.24.141.160

🇸🇦 5.163.90.53

🇨🇳 221.228.10.226

🇷🇺 217.195.94.243

🇨🇭 209.99.185.59

🇳🇱 204.76.203.206