136.243.53.56 Threat Intelligence and Host Information

Jul 23, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 136.243.53.56 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

Tags: RDP
JARM: 27d27d27d29d27d00042d42d000000c2e0293a1b1651a6ff2a5a0cba2b4d7f
View other sources: Spamhaus VirusTotal

Country: Germany
Network:
Noticed: 7 times
Protocols Attacked: SSH

Malware Detected on Host

Count: 19 76872274fdd37a0a8a1d4580cff5b77f2fe01aa506d209c9fc6bbb230cd1c1f7 f0576e92b23468febe47928fd18529906585bb33812a76c2914000e6238997ba 2842fe7252e319f115e24aa964499913a1d2378089b490280af83996bc482796 d40c3d256d839c1285423e79f746f7a20da06e6e555d0e130acf8936622efc34 eeac39b61199daa509ac411747e03ec62bf8cd4d7faedc2021798a1c1127efc6 58edf4e8f9bd39b84c54273ca1652f4e1fa212068a1d52ffd496fa3b36a968dd c4bca66ccff1f9256f525cb163c89134d78055fefe2845b526d98c15be1a5619 bd82cae31f430aa0156bb8c404413dbd91cd331e4871b64e75a05503fea2b557 c6c4d1bae0916b97c2665ee871936cfa8df8112ee40200a96b65778ef8acb81a ff665aa6217c63bd50a7eeb14de2931ca0166253ad8b7151ef37452aee9f03a8

Open Ports Detected

1500 21 22 443 80

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

NetRange: 136.243.0.0 - 136.243.255.255
CIDR: 136.243.0.0/16
NetName: RIPE-ERX-136-243-0-0
NetHandle: NET-136-243-0-0-1
Parent: NET136 (NET-136-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2004-04-14
Updated: 2025-02-10
Ref: https://rdap.arin.net/registry/ip/136.243.0.0
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN

Links to attack logs

****** ****** ******

Share on: