149.129.136.212

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Alibaba.com Singapore E-Commerce Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[portscan] tcp/23 [TELNET] *(RWIN=27604)(08050931)	2019-08-05 20:17:24

Comments on same subnet:

IP	Type	Details	Datetime
149.129.136.90	attackbotsspam	20 attempts against mh-ssh on air	2020-10-03 04:53:48
149.129.136.90	attackbots	20 attempts against mh-ssh on cloud	2020-10-03 00:16:13
149.129.136.90	attackbotsspam	20 attempts against mh-ssh on cloud	2020-10-02 20:47:20
149.129.136.90	attack	20 attempts against mh-ssh on cloud	2020-10-02 17:20:09
149.129.136.90	attackspam	20 attempts against mh-ssh on cloud	2020-10-02 13:42:02
149.129.136.90	attackspam	20 attempts against mh-ssh on light	2020-09-30 08:36:29
149.129.136.90	attack	20 attempts against mh-ssh on light	2020-09-30 01:25:20
149.129.136.90	attack	20 attempts against mh-ssh on light	2020-09-29 17:24:38
149.129.136.211	attackbotsspam	Unauthorised access (Aug 9) SRC=149.129.136.211 LEN=40 PREC=0x20 TTL=47 ID=22338 TCP DPT=8080 WINDOW=50376 SYN	2019-08-09 13:08:37
149.129.136.113	attackspam	Aug 8 02:23:17 DDOS Attack: SRC=149.129.136.113 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=49 DF PROTO=TCP SPT=16456 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2019-08-08 13:10:26
149.129.136.252	attackspambots	port scan and connect, tcp 23 (telnet)	2019-07-11 22:38:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.136.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15981
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.136.212.		IN	A

;; AUTHORITY SECTION:
.			2690	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 20:17:16 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 212.136.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 212.136.129.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.141.207	attackspambots	2019-10-03T18:40:49.939281shield sshd\[13155\]: Invalid user sprayrock11 from 129.211.141.207 port 36684 2019-10-03T18:40:49.944917shield sshd\[13155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.141.207 2019-10-03T18:40:52.004403shield sshd\[13155\]: Failed password for invalid user sprayrock11 from 129.211.141.207 port 36684 ssh2 2019-10-03T18:41:18.287585shield sshd\[13201\]: Invalid user sprayrock11 from 129.211.141.207 port 39960 2019-10-03T18:41:18.291962shield sshd\[13201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.141.207	2019-10-04 02:50:07
101.226.98.13	attackbots	ICMP MP Probe, Scan -	2019-10-04 02:38:07
212.129.53.177	attackspam	Oct 3 17:12:51 game-panel sshd[2607]: Failed password for games from 212.129.53.177 port 51001 ssh2 Oct 3 17:16:48 game-panel sshd[2744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.53.177 Oct 3 17:16:50 game-panel sshd[2744]: Failed password for invalid user nauthy from 212.129.53.177 port 19183 ssh2	2019-10-04 02:52:31
103.254.120.222	attackspam	Automatic report - Banned IP Access	2019-10-04 02:43:09
116.136.20.184	attackbotsspam	Automatic report - Port Scan	2019-10-04 02:46:15
222.186.15.160	attack	Oct 3 20:23:52 MK-Soft-Root1 sshd[8788]: Failed password for root from 222.186.15.160 port 47344 ssh2 Oct 3 20:23:54 MK-Soft-Root1 sshd[8788]: Failed password for root from 222.186.15.160 port 47344 ssh2 ...	2019-10-04 02:24:41
46.38.144.202	attack	Oct 3 20:04:58 mail postfix/smtpd\[8569\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 3 20:07:28 mail postfix/smtpd\[8267\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 3 20:09:58 mail postfix/smtpd\[8963\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 3 20:40:12 mail postfix/smtpd\[9507\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-04 02:41:22
222.161.209.130	attackspambots	[munged]::443 222.161.209.130 - - [03/Oct/2019:14:23:24 +0200] "POST /[munged]: HTTP/1.1" 200 9038 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"	2019-10-04 02:25:09
113.167.142.32	attackbotsspam	WordPress wp-login brute force :: 113.167.142.32 0.304 BYPASS [03/Oct/2019:22:23:16 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-04 02:34:33
109.65.44.183	attackbots	SQL injection:/index.php?menu_selected=144'A=0&sub_menu_selected=1023&language=FR&ID_PRJ=63896	2019-10-04 02:18:34
95.172.68.64	attackbots	ICMP MP Probe, Scan -	2019-10-04 02:58:07
151.80.45.126	attackbotsspam	Sep 29 23:50:19 h2022099 sshd[28396]: Invalid user simon from 151.80.45.126 Sep 29 23:50:21 h2022099 sshd[28396]: Failed password for invalid user simon from 151.80.45.126 port 56728 ssh2 Sep 29 23:50:21 h2022099 sshd[28396]: Received disconnect from 151.80.45.126: 11: Bye Bye [preauth] Sep 30 00:05:37 h2022099 sshd[30720]: Invalid user rz from 151.80.45.126 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=151.80.45.126	2019-10-04 02:39:10
192.185.130.216	attack	192.185.130.216 - - [03/Oct/2019:19:28:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" .	2019-10-04 02:36:04
185.176.27.118	attack	10/03/2019-14:08:06.765991 185.176.27.118 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-04 02:21:49
110.35.79.23	attackspam	Oct 3 20:12:22 MK-Soft-VM7 sshd[8670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.79.23 Oct 3 20:12:24 MK-Soft-VM7 sshd[8670]: Failed password for invalid user zr from 110.35.79.23 port 47884 ssh2 ...	2019-10-04 02:22:32

Recently Reported IPs

46.173.92.187	42.189.100.218	36.230.82.214	197.58.179.109
197.43.5.222	190.204.108.233	189.68.48.10	250.104.105.155
183.80.196.75	167.71.138.45	162.252.57.27	152.253.97.196
149.200.231.202	50.18.203.92	125.165.63.164	119.122.114.109
117.247.70.91	10.132.8.36	111.125.86.190	65.182.104.18