150.136.111.213

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Oracle Public Cloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user jenkins from 150.136.111.213 port 33300	2020-07-18 20:39:41
attackbots	Jun 22 09:40:54 vps sshd[133138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 user=root Jun 22 09:40:56 vps sshd[133138]: Failed password for root from 150.136.111.213 port 43730 ssh2 Jun 22 09:44:15 vps sshd[145536]: Invalid user musicbot from 150.136.111.213 port 43272 Jun 22 09:44:15 vps sshd[145536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 Jun 22 09:44:17 vps sshd[145536]: Failed password for invalid user musicbot from 150.136.111.213 port 43272 ssh2 ...	2020-06-22 15:56:42
attackspam	Jun 6 08:20:09 lukav-desktop sshd\[15891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 user=root Jun 6 08:20:11 lukav-desktop sshd\[15891\]: Failed password for root from 150.136.111.213 port 39184 ssh2 Jun 6 08:23:49 lukav-desktop sshd\[15919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 user=root Jun 6 08:23:52 lukav-desktop sshd\[15919\]: Failed password for root from 150.136.111.213 port 43736 ssh2 Jun 6 08:27:32 lukav-desktop sshd\[15957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 user=root	2020-06-06 13:33:18
attack	May 31 13:49:47 pixelmemory sshd[876242]: Failed password for root from 150.136.111.213 port 56394 ssh2 May 31 13:51:24 pixelmemory sshd[881024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 user=root May 31 13:51:26 pixelmemory sshd[881024]: Failed password for root from 150.136.111.213 port 57422 ssh2 May 31 13:53:04 pixelmemory sshd[886954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.213 user=root May 31 13:53:06 pixelmemory sshd[886954]: Failed password for root from 150.136.111.213 port 58446 ssh2 ...	2020-06-01 05:12:33
attack	Invalid user daniel from 150.136.111.213 port 41566	2020-05-27 00:48:39

Comments on same subnet:

IP	Type	Details	Datetime
150.136.111.169	attackbots	Fail2Ban Ban Triggered HTTP Exploit Attempt	2020-05-02 15:19:36
150.136.111.229	attackbots	Apr 12 12:10:57 web8 sshd\[25485\]: Invalid user wp-user from 150.136.111.229 Apr 12 12:10:57 web8 sshd\[25485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.229 Apr 12 12:10:59 web8 sshd\[25485\]: Failed password for invalid user wp-user from 150.136.111.229 port 40114 ssh2 Apr 12 12:15:36 web8 sshd\[27940\]: Invalid user richards from 150.136.111.229 Apr 12 12:15:36 web8 sshd\[27940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.229	2020-04-12 20:42:45

Type

Details

Datetime

150.136.111.169

attackbots

Fail2Ban Ban Triggered
HTTP Exploit Attempt

2020-05-02 15:19:36

150.136.111.229

attackbots

Apr 12 12:10:57 web8 sshd\[25485\]: Invalid user wp-user from 150.136.111.229
Apr 12 12:10:57 web8 sshd\[25485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.229
Apr 12 12:10:59 web8 sshd\[25485\]: Failed password for invalid user wp-user from 150.136.111.229 port 40114 ssh2
Apr 12 12:15:36 web8 sshd\[27940\]: Invalid user richards from 150.136.111.229
Apr 12 12:15:36 web8 sshd\[27940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.111.229

2020-04-12 20:42:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 150.136.111.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44261
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;150.136.111.213.		IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052601 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 27 00:48:36 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 213.111.136.150.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.111.136.150.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.244.146.115	attackbots	port scan and connect, tcp 80 (http)	2019-10-06 12:35:16
51.68.82.218	attackbots	Oct 6 06:36:36 localhost sshd\[3872\]: Invalid user P@\$\$W0RD2017 from 51.68.82.218 port 50798 Oct 6 06:36:36 localhost sshd\[3872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.82.218 Oct 6 06:36:38 localhost sshd\[3872\]: Failed password for invalid user P@\$\$W0RD2017 from 51.68.82.218 port 50798 ssh2	2019-10-06 12:44:38
95.183.53.13	attack	Oct 6 04:05:56 web8 sshd\[6574\]: Invalid user hadoop from 95.183.53.13 Oct 6 04:05:56 web8 sshd\[6574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.183.53.13 Oct 6 04:05:57 web8 sshd\[6574\]: Failed password for invalid user hadoop from 95.183.53.13 port 37956 ssh2 Oct 6 04:11:01 web8 sshd\[9235\]: Invalid user do from 95.183.53.13 Oct 6 04:11:01 web8 sshd\[9235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.183.53.13	2019-10-06 12:26:41
142.93.222.197	attack	Oct 6 06:53:32 pkdns2 sshd\[11604\]: Address 142.93.222.197 maps to jira-support.terasoftware.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 6 06:53:35 pkdns2 sshd\[11604\]: Failed password for root from 142.93.222.197 port 45024 ssh2Oct 6 06:57:39 pkdns2 sshd\[11835\]: Address 142.93.222.197 maps to jira-support.terasoftware.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 6 06:57:41 pkdns2 sshd\[11835\]: Failed password for root from 142.93.222.197 port 56662 ssh2Oct 6 07:01:43 pkdns2 sshd\[12072\]: Address 142.93.222.197 maps to jira-support.terasoftware.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 6 07:01:43 pkdns2 sshd\[12072\]: Invalid user 12345 from 142.93.222.197 ...	2019-10-06 12:12:54
92.118.38.37	attackspam	Oct 6 06:24:09 relay postfix/smtpd\[19110\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 06:24:24 relay postfix/smtpd\[11179\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 06:24:42 relay postfix/smtpd\[9073\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 06:24:57 relay postfix/smtpd\[14564\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 06:25:16 relay postfix/smtpd\[19111\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-06 12:27:11
209.126.76.137	attackspam	Port Scan detected from 209.126.76.137 (US/United States/U137.datasoft.ws). 4 hits in the last 195 seconds	2019-10-06 12:30:37
203.160.132.4	attack	Apr 26 04:37:29 vtv3 sshd\[32453\]: Invalid user test from 203.160.132.4 port 52198 Apr 26 04:37:29 vtv3 sshd\[32453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.132.4 Apr 26 04:37:31 vtv3 sshd\[32453\]: Failed password for invalid user test from 203.160.132.4 port 52198 ssh2 Apr 26 04:43:58 vtv3 sshd\[3150\]: Invalid user ibmadrc from 203.160.132.4 port 45484 Apr 26 04:43:58 vtv3 sshd\[3150\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.132.4 Apr 26 04:56:20 vtv3 sshd\[9362\]: Invalid user alexk from 203.160.132.4 port 34314 Apr 26 04:56:20 vtv3 sshd\[9362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.132.4 Apr 26 04:56:22 vtv3 sshd\[9362\]: Failed password for invalid user alexk from 203.160.132.4 port 34314 ssh2 Apr 26 04:59:28 vtv3 sshd\[10614\]: Invalid user chong from 203.160.132.4 port 59750 Apr 26 04:59:28 vtv3 sshd\[10614\]: pam_unix\(	2019-10-06 12:17:31
14.248.83.163	attack	Oct 5 18:08:49 hanapaa sshd\[30773\]: Invalid user Hospital123 from 14.248.83.163 Oct 5 18:08:49 hanapaa sshd\[30773\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.83.163 Oct 5 18:08:51 hanapaa sshd\[30773\]: Failed password for invalid user Hospital123 from 14.248.83.163 port 34760 ssh2 Oct 5 18:13:27 hanapaa sshd\[31262\]: Invalid user Hospital123 from 14.248.83.163 Oct 5 18:13:27 hanapaa sshd\[31262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.83.163	2019-10-06 12:21:41
159.203.201.168	attackspambots	400 BAD REQUEST	2019-10-06 12:19:53
51.75.147.100	attack	$f2bV_matches	2019-10-06 12:30:19
220.176.196.40	attackbots	Dovecot Brute-Force	2019-10-06 12:17:19
222.186.15.110	attackspambots	Oct 6 06:39:20 MK-Soft-VM4 sshd[13339]: Failed password for root from 222.186.15.110 port 62016 ssh2 Oct 6 06:39:22 MK-Soft-VM4 sshd[13339]: Failed password for root from 222.186.15.110 port 62016 ssh2 ...	2019-10-06 12:39:42
152.136.27.94	attackbotsspam	2019-10-06 02:52:08,065 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 152.136.27.94 2019-10-06 03:28:15,814 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 152.136.27.94 2019-10-06 04:02:48,347 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 152.136.27.94 2019-10-06 05:22:45,950 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 152.136.27.94 2019-10-06 05:54:32,657 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 152.136.27.94 ...	2019-10-06 12:47:00
148.70.77.22	attack	2019-10-06T00:00:55.2403031495-001 sshd\[24817\]: Failed password for invalid user \^YHN\&UJM from 148.70.77.22 port 49560 ssh2 2019-10-06T00:11:36.7396461495-001 sshd\[25799\]: Invalid user P@55W0RD2018 from 148.70.77.22 port 42916 2019-10-06T00:11:36.7427961495-001 sshd\[25799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.22 2019-10-06T00:11:38.4157711495-001 sshd\[25799\]: Failed password for invalid user P@55W0RD2018 from 148.70.77.22 port 42916 ssh2 2019-10-06T00:16:56.7825391495-001 sshd\[26240\]: Invalid user P@55W0RD2018 from 148.70.77.22 port 53708 2019-10-06T00:16:56.7896571495-001 sshd\[26240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.22 ...	2019-10-06 12:51:30
182.180.50.167	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 06-10-2019 04:55:16.	2019-10-06 12:16:07

Recently Reported IPs

123.206.23.106	115.135.143.184	93.78.45.31	76.169.171.13
86.96.55.208	78.14.77.180	103.231.91.136	171.38.150.144
178.238.238.221	189.109.49.138	49.233.10.41	103.216.223.11
36.26.246.49	189.32.252.99	78.149.218.1	47.115.54.160
113.161.150.177	190.206.136.211	1.202.115.173	183.4.30.133