136.243.2.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
136.243.2.41	attackspambots	hzb4 136.243.2.41 [01/Oct/2020:05:57:38 "-" "POST /wp-login.php 200 2185 136.243.2.41 [01/Oct/2020:12:14:58 "-" "GET /wp-login.php 200 1767 136.243.2.41 [01/Oct/2020:12:14:59 "-" "POST /wp-login.php 200 2151	2020-10-02 00:55:27
136.243.2.41	attackspam	hzb4 136.243.2.41 [01/Oct/2020:05:57:38 "-" "POST /wp-login.php 200 2185 136.243.2.41 [01/Oct/2020:12:14:58 "-" "GET /wp-login.php 200 1767 136.243.2.41 [01/Oct/2020:12:14:59 "-" "POST /wp-login.php 200 2151	2020-10-01 17:02:14
136.243.254.153	attackspambots	$f2bV_matches	2020-07-10 13:31:41
136.243.26.248	normal	continua inutilmente ad occupare spazio	2020-06-18 02:19:37
136.243.208.164	attackbotsspam	Scanned 64 unique addresses for 1 unique ports in 24 hours (ports 80)	2020-06-02 03:10:43
136.243.208.164	attackspam	[Mon May 25 23:26:54 2020] - Syn Flood From IP: 136.243.208.164 Port: 60000	2020-05-26 11:19:06
136.243.238.215	attackspam	SSH Brute Force	2020-05-17 07:44:26
136.243.26.248	spam	Only spam by mail.	2020-03-31 03:42:41
136.243.205.112	attackspambots	This IOC was found in a paste: https://paste.cryptolaemus.com/emotet/2020/03/23/emotet-c2-rsa-update-03-23-20-1.html with the title "Emotet C2 and RSA Key Update - 03/23/2020 09:45" For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-03-27 01:33:03
136.243.26.248	spam	Mi mandano almeno 10 mail al giorno ,tutto spam mail truffe.	2020-03-22 04:40:57
136.243.26.248	spam	Mi mandano almeno 10 mail al giorno ,tutto spam mail truffe.	2020-03-22 04:40:26
136.243.247.44	attackbots	Port Scan: TCP/22	2019-11-20 06:30:12
136.243.208.250	attack	2019-09-15T14:01:23.436562abusebot-8.cloudsearch.cf sshd\[23823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hostpioneers.com user=daemon	2019-09-16 02:06:01
136.243.22.123	attack	Many RDP login attempts detected by IDS script	2019-07-18 20:33:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 136.243.2.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32854
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;136.243.2.142.			IN	A

;; AUTHORITY SECTION:
.			183	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 21:21:00 CST 2022
;; MSG SIZE  rcvd: 106

Host info

142.2.243.136.in-addr.arpa domain name pointer server.sprybyte.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.2.243.136.in-addr.arpa	name = server.sprybyte.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.155	attackbots	Dec 27 16:52:51 sd-53420 sshd\[21157\]: User root from 222.186.175.155 not allowed because none of user's groups are listed in AllowGroups Dec 27 16:52:51 sd-53420 sshd\[21157\]: Failed none for invalid user root from 222.186.175.155 port 60888 ssh2 Dec 27 16:52:51 sd-53420 sshd\[21157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Dec 27 16:52:53 sd-53420 sshd\[21157\]: Failed password for invalid user root from 222.186.175.155 port 60888 ssh2 Dec 27 16:52:56 sd-53420 sshd\[21157\]: Failed password for invalid user root from 222.186.175.155 port 60888 ssh2 ...	2019-12-27 23:56:59
41.21.200.252	attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-12-28 00:03:04
31.168.211.250	attack	Unauthorized connection attempt detected from IP address 31.168.211.250 to port 5555	2019-12-28 00:03:26
24.4.128.213	attackbots	script kiddes love the honey pot - so many fails	2019-12-27 23:35:10
159.203.201.0	attackbotsspam	12/27/2019-09:52:28.433934 159.203.201.0 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-27 23:27:59
14.46.217.114	attack	REQUESTED PAGE: /editBlackAndWhiteList	2019-12-27 23:48:15
114.134.185.109	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-27 23:52:36
46.38.144.17	attackspambots	Dec 27 16:55:12 relay postfix/smtpd\[18066\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 16:55:52 relay postfix/smtpd\[21881\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 16:56:40 relay postfix/smtpd\[18066\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 16:57:24 relay postfix/smtpd\[21989\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 16:58:07 relay postfix/smtpd\[18066\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-27 23:59:16
185.85.239.195	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-12-28 00:06:30
59.72.122.148	attack	Dec 27 05:43:35 web9 sshd\[2884\]: Invalid user dough from 59.72.122.148 Dec 27 05:43:35 web9 sshd\[2884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.122.148 Dec 27 05:43:36 web9 sshd\[2884\]: Failed password for invalid user dough from 59.72.122.148 port 46602 ssh2 Dec 27 05:46:58 web9 sshd\[3469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.122.148 user=root Dec 27 05:47:00 web9 sshd\[3469\]: Failed password for root from 59.72.122.148 port 41688 ssh2	2019-12-27 23:47:46
114.64.253.157	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-27 23:26:16
181.48.225.126	attackspam	Dec 27 15:49:48 minden010 sshd[6234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.225.126 Dec 27 15:49:50 minden010 sshd[6234]: Failed password for invalid user buffiesbest from 181.48.225.126 port 56900 ssh2 Dec 27 15:52:05 minden010 sshd[7032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.225.126 ...	2019-12-27 23:32:24
14.233.154.197	attackspam	Dec 27 15:43:52 linuxrulz sshd[6828]: Invalid user guest from 14.233.154.197 port 53396 Dec 27 15:43:52 linuxrulz sshd[6828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.233.154.197 Dec 27 15:43:54 linuxrulz sshd[6828]: Failed password for invalid user guest from 14.233.154.197 port 53396 ssh2 Dec 27 15:43:54 linuxrulz sshd[6828]: Connection closed by 14.233.154.197 port 53396 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.233.154.197	2019-12-27 23:58:29
186.67.248.8	attack	Dec 27 16:53:38 vps691689 sshd[14414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.67.248.8 Dec 27 16:53:40 vps691689 sshd[14414]: Failed password for invalid user student from 186.67.248.8 port 46203 ssh2 Dec 27 17:01:36 vps691689 sshd[14571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.67.248.8 ...	2019-12-28 00:04:45
221.163.8.108	attackspam	Dec 27 10:40:30 plusreed sshd[13356]: Invalid user test from 221.163.8.108 ...	2019-12-27 23:54:44

Recently Reported IPs

136.243.18.157	136.243.2.112	136.243.225.164	136.243.235.108
136.243.237.169	136.243.235.86	136.243.223.252	136.243.22.87
136.243.238.36	104.22.23.163	136.243.24.105	136.243.24.13
136.243.25.78	136.243.249.30	149.46.151.61	104.22.23.164
205.23.87.169	104.22.23.169	104.22.23.178	104.22.23.184