136.243.2.149 - IPInfo

Basic Info

City: Falkenstein

Region: Sachsen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
136.243.2.41	attackspambots	hzb4 136.243.2.41 [01/Oct/2020:05:57:38 "-" "POST /wp-login.php 200 2185 136.243.2.41 [01/Oct/2020:12:14:58 "-" "GET /wp-login.php 200 1767 136.243.2.41 [01/Oct/2020:12:14:59 "-" "POST /wp-login.php 200 2151	2020-10-02 00:55:27
136.243.2.41	attackspam	hzb4 136.243.2.41 [01/Oct/2020:05:57:38 "-" "POST /wp-login.php 200 2185 136.243.2.41 [01/Oct/2020:12:14:58 "-" "GET /wp-login.php 200 1767 136.243.2.41 [01/Oct/2020:12:14:59 "-" "POST /wp-login.php 200 2151	2020-10-01 17:02:14
136.243.254.153	attackspambots	$f2bV_matches	2020-07-10 13:31:41
136.243.26.248	normal	continua inutilmente ad occupare spazio	2020-06-18 02:19:37
136.243.208.164	attackbotsspam	Scanned 64 unique addresses for 1 unique ports in 24 hours (ports 80)	2020-06-02 03:10:43
136.243.208.164	attackspam	[Mon May 25 23:26:54 2020] - Syn Flood From IP: 136.243.208.164 Port: 60000	2020-05-26 11:19:06
136.243.238.215	attackspam	SSH Brute Force	2020-05-17 07:44:26
136.243.26.248	spam	Only spam by mail.	2020-03-31 03:42:41
136.243.205.112	attackspambots	This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45" For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-03-27 01:33:03
136.243.26.248	spam	Mi mandano almeno 10 mail al giorno ,tutto spam mail truffe.	2020-03-22 04:40:57
136.243.26.248	spam	Mi mandano almeno 10 mail al giorno ,tutto spam mail truffe.	2020-03-22 04:40:26
136.243.247.44	attackbots	Port Scan: TCP/22	2019-11-20 06:30:12
136.243.208.250	attack	2019-09-15T14:01:23.436562abusebot-8.cloudsearch.cf sshd\[23823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hostpioneers.com user=daemon	2019-09-16 02:06:01
136.243.22.123	attack	Many RDP login attempts detected by IDS script	2019-07-18 20:33:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 136.243.2.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60142
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;136.243.2.149.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023121501 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 16 05:05:03 CST 2023
;; MSG SIZE  rcvd: 106

Host info

149.2.243.136.in-addr.arpa domain name pointer static.149.2.243.136.clients.your-server.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.2.243.136.in-addr.arpa	name = static.149.2.243.136.clients.your-server.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.183	attack	2020-09-07T15:50:23.852230lavrinenko.info sshd[19550]: Failed password for root from 222.186.175.183 port 47300 ssh2 2020-09-07T15:50:28.124180lavrinenko.info sshd[19550]: Failed password for root from 222.186.175.183 port 47300 ssh2 2020-09-07T15:50:31.776586lavrinenko.info sshd[19550]: Failed password for root from 222.186.175.183 port 47300 ssh2 2020-09-07T15:50:35.572803lavrinenko.info sshd[19550]: Failed password for root from 222.186.175.183 port 47300 ssh2 2020-09-07T15:50:39.844702lavrinenko.info sshd[19550]: Failed password for root from 222.186.175.183 port 47300 ssh2 ...	2020-09-07 20:52:24
167.71.224.156	attack	167.71.224.156 - - [06/Sep/2020:10:54:47 -0600] "GET /wp-login.php HTTP/1.1" 301 480 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-07 20:48:07
141.98.9.163	attackspambots	2020-09-07T12:16:11.618297abusebot-4.cloudsearch.cf sshd[18452]: Invalid user admin from 141.98.9.163 port 34499 2020-09-07T12:16:11.624976abusebot-4.cloudsearch.cf sshd[18452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.163 2020-09-07T12:16:11.618297abusebot-4.cloudsearch.cf sshd[18452]: Invalid user admin from 141.98.9.163 port 34499 2020-09-07T12:16:13.976495abusebot-4.cloudsearch.cf sshd[18452]: Failed password for invalid user admin from 141.98.9.163 port 34499 ssh2 2020-09-07T12:16:32.113233abusebot-4.cloudsearch.cf sshd[18464]: Invalid user test from 141.98.9.163 port 43637 2020-09-07T12:16:32.118881abusebot-4.cloudsearch.cf sshd[18464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.163 2020-09-07T12:16:32.113233abusebot-4.cloudsearch.cf sshd[18464]: Invalid user test from 141.98.9.163 port 43637 2020-09-07T12:16:34.018756abusebot-4.cloudsearch.cf sshd[18464]: Failed password ...	2020-09-07 21:10:18
118.69.82.233	attack	prod11 ...	2020-09-07 20:59:33
165.22.60.7	attackbotsspam	SSH login attempts.	2020-09-07 21:06:38
104.244.74.223	attack	Sep 7 15:57:35 server2 sshd\[32459\]: User root from 104.244.74.223 not allowed because not listed in AllowUsers Sep 7 15:57:35 server2 sshd\[32463\]: Invalid user admin from 104.244.74.223 Sep 7 15:57:35 server2 sshd\[32465\]: Invalid user postgres from 104.244.74.223 Sep 7 15:57:36 server2 sshd\[32467\]: User root from 104.244.74.223 not allowed because not listed in AllowUsers Sep 7 15:57:36 server2 sshd\[32469\]: User root from 104.244.74.223 not allowed because not listed in AllowUsers Sep 7 15:57:36 server2 sshd\[32471\]: User root from 104.244.74.223 not allowed because not listed in AllowUsers	2020-09-07 21:07:41
222.186.175.154	attack	Sep 7 12:35:13 scw-6657dc sshd[30948]: Failed password for root from 222.186.175.154 port 19362 ssh2 Sep 7 12:35:13 scw-6657dc sshd[30948]: Failed password for root from 222.186.175.154 port 19362 ssh2 Sep 7 12:35:16 scw-6657dc sshd[30948]: Failed password for root from 222.186.175.154 port 19362 ssh2 ...	2020-09-07 20:46:18
112.85.42.200	attackbotsspam	(sshd) Failed SSH login from 112.85.42.200 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 7 08:33:06 optimus sshd[16476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.200 user=root Sep 7 08:33:07 optimus sshd[16478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.200 user=root Sep 7 08:33:07 optimus sshd[16480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.200 user=root Sep 7 08:33:07 optimus sshd[16476]: Failed password for root from 112.85.42.200 port 50140 ssh2 Sep 7 08:33:08 optimus sshd[16478]: Failed password for root from 112.85.42.200 port 14928 ssh2	2020-09-07 20:37:38
46.182.106.190	attack	2020-09-07T12:22:33.807046abusebot-2.cloudsearch.cf sshd[3365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-exit.critical.cat user=root 2020-09-07T12:22:35.605553abusebot-2.cloudsearch.cf sshd[3365]: Failed password for root from 46.182.106.190 port 39590 ssh2 2020-09-07T12:22:38.046458abusebot-2.cloudsearch.cf sshd[3365]: Failed password for root from 46.182.106.190 port 39590 ssh2 2020-09-07T12:22:33.807046abusebot-2.cloudsearch.cf sshd[3365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-exit.critical.cat user=root 2020-09-07T12:22:35.605553abusebot-2.cloudsearch.cf sshd[3365]: Failed password for root from 46.182.106.190 port 39590 ssh2 2020-09-07T12:22:38.046458abusebot-2.cloudsearch.cf sshd[3365]: Failed password for root from 46.182.106.190 port 39590 ssh2 2020-09-07T12:22:33.807046abusebot-2.cloudsearch.cf sshd[3365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ...	2020-09-07 20:47:40
116.247.81.99	attack	Sep 7 06:01:31 dignus sshd[1999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 user=root Sep 7 06:01:33 dignus sshd[1999]: Failed password for root from 116.247.81.99 port 58101 ssh2 Sep 7 06:06:11 dignus sshd[2279]: Invalid user apache from 116.247.81.99 port 57338 Sep 7 06:06:11 dignus sshd[2279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 Sep 7 06:06:13 dignus sshd[2279]: Failed password for invalid user apache from 116.247.81.99 port 57338 ssh2 ...	2020-09-07 21:10:39
141.98.9.164	attack	Sep 7 10:23:45 scw-6657dc sshd[26650]: Invalid user admin from 141.98.9.164 port 40925 Sep 7 10:23:45 scw-6657dc sshd[26650]: Invalid user admin from 141.98.9.164 port 40925 Sep 7 10:23:45 scw-6657dc sshd[26650]: Failed none for invalid user admin from 141.98.9.164 port 40925 ssh2 ...	2020-09-07 21:07:09
124.205.118.165	attackspambots	SIP/5060 Probe, BF, Hack -	2020-09-07 20:34:43
222.186.42.155	attackspambots	Sep 7 14:32:17 abendstille sshd\[8336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Sep 7 14:32:19 abendstille sshd\[8336\]: Failed password for root from 222.186.42.155 port 19189 ssh2 Sep 7 14:32:26 abendstille sshd\[8640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Sep 7 14:32:27 abendstille sshd\[8640\]: Failed password for root from 222.186.42.155 port 38994 ssh2 Sep 7 14:32:29 abendstille sshd\[8640\]: Failed password for root from 222.186.42.155 port 38994 ssh2 ...	2020-09-07 20:36:28
203.168.20.126	attackspam	port scan and connect, tcp 8080 (http-proxy)	2020-09-07 20:42:19
36.99.180.242	attackspambots	(sshd) Failed SSH login from 36.99.180.242 (CN/China/-): 5 in the last 3600 secs	2020-09-07 20:33:53

Recently Reported IPs

26.30.145.182	209.25.227.63	111.90.250.150	103.141.108.187
10.44.161.169	124.217.251.24	182.120.4.238	12.123.111.112
240e:36b:6628:ca00::2c8	240e:36b:6628:ca00:7148:3d64:ba27:322e	124.6.58.219	192.241.233.35
162.216.149.178	87.249.112.81	104.255.107.131	192.185.81.173
111.193.176.166	104.122.37.246	46.39.31.173	188.39.255.38