136.243.2.149 - IPInfo

Basic Info

City: Falkenstein

Region: Sachsen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
136.243.2.41	attackspambots	hzb4 136.243.2.41 [01/Oct/2020:05:57:38 "-" "POST /wp-login.php 200 2185 136.243.2.41 [01/Oct/2020:12:14:58 "-" "GET /wp-login.php 200 1767 136.243.2.41 [01/Oct/2020:12:14:59 "-" "POST /wp-login.php 200 2151	2020-10-02 00:55:27
136.243.2.41	attackspam	hzb4 136.243.2.41 [01/Oct/2020:05:57:38 "-" "POST /wp-login.php 200 2185 136.243.2.41 [01/Oct/2020:12:14:58 "-" "GET /wp-login.php 200 1767 136.243.2.41 [01/Oct/2020:12:14:59 "-" "POST /wp-login.php 200 2151	2020-10-01 17:02:14
136.243.254.153	attackspambots	$f2bV_matches	2020-07-10 13:31:41
136.243.26.248	normal	continua inutilmente ad occupare spazio	2020-06-18 02:19:37
136.243.208.164	attackbotsspam	Scanned 64 unique addresses for 1 unique ports in 24 hours (ports 80)	2020-06-02 03:10:43
136.243.208.164	attackspam	[Mon May 25 23:26:54 2020] - Syn Flood From IP: 136.243.208.164 Port: 60000	2020-05-26 11:19:06
136.243.238.215	attackspam	SSH Brute Force	2020-05-17 07:44:26
136.243.26.248	spam	Only spam by mail.	2020-03-31 03:42:41
136.243.205.112	attackspambots	This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45" For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-03-27 01:33:03
136.243.26.248	spam	Mi mandano almeno 10 mail al giorno ,tutto spam mail truffe.	2020-03-22 04:40:57
136.243.26.248	spam	Mi mandano almeno 10 mail al giorno ,tutto spam mail truffe.	2020-03-22 04:40:26
136.243.247.44	attackbots	Port Scan: TCP/22	2019-11-20 06:30:12
136.243.208.250	attack	2019-09-15T14:01:23.436562abusebot-8.cloudsearch.cf sshd\[23823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hostpioneers.com user=daemon	2019-09-16 02:06:01
136.243.22.123	attack	Many RDP login attempts detected by IDS script	2019-07-18 20:33:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 136.243.2.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60142
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;136.243.2.149.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023121501 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 16 05:05:03 CST 2023
;; MSG SIZE  rcvd: 106

Host info

149.2.243.136.in-addr.arpa domain name pointer static.149.2.243.136.clients.your-server.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.2.243.136.in-addr.arpa	name = static.149.2.243.136.clients.your-server.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.142.125.23	attackspambots	Port scan detected	2020-09-14 19:29:21
165.227.176.208	attack	Sep 13 19:50:25 server sshd[11809]: Failed password for invalid user gitadmin from 165.227.176.208 port 39392 ssh2 Sep 13 19:50:49 server sshd[11892]: Failed password for invalid user gitadmin from 165.227.176.208 port 33326 ssh2 Sep 13 19:51:12 server sshd[11961]: Failed password for invalid user gitadmin from 165.227.176.208 port 55488 ssh2	2020-09-14 19:30:45
188.166.248.209	attackspambots	Automatically reported by fail2ban report script (mx1)	2020-09-14 19:24:25
51.37.199.219	attackspam	(sshd) Failed SSH login from 51.37.199.219 (IE/Ireland/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 03:08:28 optimus sshd[22194]: Invalid user zabbix from 51.37.199.219 Sep 14 03:08:28 optimus sshd[22194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.37.199.219 Sep 14 03:08:30 optimus sshd[22194]: Failed password for invalid user zabbix from 51.37.199.219 port 45278 ssh2 Sep 14 03:21:56 optimus sshd[26019]: Invalid user zabbix from 51.37.199.219 Sep 14 03:21:56 optimus sshd[26019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.37.199.219	2020-09-14 19:22:03
116.125.141.56	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-14T09:06:53Z and 2020-09-14T09:14:57Z	2020-09-14 19:27:34
106.54.236.220	attack	Time: Mon Sep 14 09:37:21 2020 +0000 IP: 106.54.236.220 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 14 09:15:20 vps3 sshd[18657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.236.220 user=root Sep 14 09:15:22 vps3 sshd[18657]: Failed password for root from 106.54.236.220 port 49070 ssh2 Sep 14 09:32:31 vps3 sshd[22586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.236.220 user=root Sep 14 09:32:33 vps3 sshd[22586]: Failed password for root from 106.54.236.220 port 44394 ssh2 Sep 14 09:37:17 vps3 sshd[23645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.236.220 user=root	2020-09-14 18:57:54
182.61.33.145	attack	Bruteforce detected by fail2ban	2020-09-14 19:28:44
193.29.15.169	attack	UDP 193.29.15.169:55957 -> port 389, len 80	2020-09-14 18:59:01
95.169.13.22	attackspambots	Sep 14 12:48:35 cho sshd[2891521]: Failed password for root from 95.169.13.22 port 43730 ssh2 Sep 14 12:52:04 cho sshd[2891725]: Invalid user bismillah from 95.169.13.22 port 50050 Sep 14 12:52:04 cho sshd[2891725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.13.22 Sep 14 12:52:04 cho sshd[2891725]: Invalid user bismillah from 95.169.13.22 port 50050 Sep 14 12:52:06 cho sshd[2891725]: Failed password for invalid user bismillah from 95.169.13.22 port 50050 ssh2 ...	2020-09-14 19:19:21
190.144.14.170	attackbots	Sep 14 12:59:33 myvps sshd[19075]: Failed password for root from 190.144.14.170 port 35896 ssh2 Sep 14 13:14:56 myvps sshd[5488]: Failed password for root from 190.144.14.170 port 38200 ssh2 ...	2020-09-14 19:30:30
183.57.46.131	attackbots	Port scan: Attack repeated for 24 hours	2020-09-14 19:26:14
192.35.168.238	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-14 19:22:56
106.12.91.36	attack	Sep 14 00:50:14 gamehost-one sshd[8015]: Failed password for root from 106.12.91.36 port 58800 ssh2 Sep 14 00:57:53 gamehost-one sshd[8604]: Failed password for root from 106.12.91.36 port 59492 ssh2 ...	2020-09-14 19:15:56
51.195.138.52	attack	Invalid user netdata from 51.195.138.52 port 54296	2020-09-14 19:17:10
185.220.102.241	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-14T10:23:19Z and 2020-09-14T10:23:21Z	2020-09-14 18:47:53

Recently Reported IPs

26.30.145.182	209.25.227.63	111.90.250.150	103.141.108.187
10.44.161.169	124.217.251.24	182.120.4.238	12.123.111.112
240e:36b:6628:ca00::2c8	240e:36b:6628:ca00:7148:3d64:ba27:322e	124.6.58.219	192.241.233.35
162.216.149.178	87.249.112.81	104.255.107.131	192.185.81.173
111.193.176.166	104.122.37.246	46.39.31.173	188.39.255.38