152.136.131.242

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
152.136.131.171	attack	"fail2ban match"	2020-10-06 05:06:46
152.136.131.171	attackbotsspam	Oct 5 07:15:11 ws19vmsma01 sshd[167796]: Failed password for root from 152.136.131.171 port 33086 ssh2 ...	2020-10-05 21:10:21
152.136.131.171	attack	152.136.131.171 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 5 00:37:31 server2 sshd[28463]: Failed password for root from 192.99.247.102 port 40920 ssh2 Oct 5 00:36:59 server2 sshd[27759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.56.139 user=root Oct 5 00:37:01 server2 sshd[27759]: Failed password for root from 119.29.56.139 port 36610 ssh2 Oct 5 00:39:15 server2 sshd[30062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 user=root Oct 5 00:39:02 server2 sshd[29738]: Failed password for root from 192.99.247.102 port 37322 ssh2 Oct 5 00:36:53 server2 sshd[27680]: Failed password for root from 58.87.106.192 port 51988 ssh2 IP Addresses Blocked: 192.99.247.102 (CA/Canada/-) 119.29.56.139 (CN/China/-)	2020-10-05 13:00:38
152.136.131.171	attackbots	Aug 23 20:10:13 vpn01 sshd[7993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 Aug 23 20:10:16 vpn01 sshd[7993]: Failed password for invalid user vts from 152.136.131.171 port 48780 ssh2 ...	2020-08-24 02:47:49
152.136.131.171	attack	Aug 21 00:28:18 lukav-desktop sshd\[4869\]: Invalid user luan from 152.136.131.171 Aug 21 00:28:18 lukav-desktop sshd\[4869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 Aug 21 00:28:20 lukav-desktop sshd\[4869\]: Failed password for invalid user luan from 152.136.131.171 port 33214 ssh2 Aug 21 00:32:48 lukav-desktop sshd\[7502\]: Invalid user joomla from 152.136.131.171 Aug 21 00:32:48 lukav-desktop sshd\[7502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171	2020-08-21 05:54:53
152.136.131.171	attackspambots	Aug 18 02:02:54 NPSTNNYC01T sshd[8925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 Aug 18 02:02:56 NPSTNNYC01T sshd[8925]: Failed password for invalid user postgres from 152.136.131.171 port 59544 ssh2 Aug 18 02:07:34 NPSTNNYC01T sshd[9226]: Failed password for root from 152.136.131.171 port 51272 ssh2 ...	2020-08-18 14:10:19
152.136.131.171	attackspam	Jul 28 05:00:25 ip-172-31-61-156 sshd[10507]: Invalid user liaojp from 152.136.131.171 Jul 28 05:00:27 ip-172-31-61-156 sshd[10507]: Failed password for invalid user liaojp from 152.136.131.171 port 42352 ssh2 Jul 28 05:00:25 ip-172-31-61-156 sshd[10507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 Jul 28 05:00:25 ip-172-31-61-156 sshd[10507]: Invalid user liaojp from 152.136.131.171 Jul 28 05:00:27 ip-172-31-61-156 sshd[10507]: Failed password for invalid user liaojp from 152.136.131.171 port 42352 ssh2 ...	2020-07-28 15:28:45
152.136.131.171	attack	Invalid user saturne from 152.136.131.171 port 33514	2020-07-27 19:34:32
152.136.131.171	attack	Jul 20 17:35:41 vps333114 sshd[13579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 Jul 20 17:35:44 vps333114 sshd[13579]: Failed password for invalid user ah from 152.136.131.171 port 59482 ssh2 ...	2020-07-21 01:52:13
152.136.131.171	attackbots	Tried to acess firewall on several ports.	2020-07-19 19:43:51
152.136.131.171	attack	$f2bV_matches	2020-07-17 04:51:51
152.136.131.171	attackbotsspam	Jun 29 13:33:46 vps687878 sshd\[12787\]: Failed password for invalid user markc from 152.136.131.171 port 35464 ssh2 Jun 29 13:36:13 vps687878 sshd\[13148\]: Invalid user lena from 152.136.131.171 port 36324 Jun 29 13:36:13 vps687878 sshd\[13148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 Jun 29 13:36:15 vps687878 sshd\[13148\]: Failed password for invalid user lena from 152.136.131.171 port 36324 ssh2 Jun 29 13:38:46 vps687878 sshd\[13387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.131.171 user=root ...	2020-06-29 22:48:01

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 152.136.131.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57378
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;152.136.131.242.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 05 09:03:43 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 242.131.136.152.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 242.131.136.152.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
161.35.53.235	attackbotsspam	161.35.53.235 - - [04/Jun/2020:16:00:07 -0600] "GET /wp-login.php HTTP/1.1" 301 468 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-05 08:30:51
124.156.211.253	attackspambots	2020-06-05T03:51:07.908320shield sshd\[15400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.211.253 user=root 2020-06-05T03:51:10.154508shield sshd\[15400\]: Failed password for root from 124.156.211.253 port 38884 ssh2 2020-06-05T03:55:02.627790shield sshd\[16932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.211.253 user=root 2020-06-05T03:55:04.130418shield sshd\[16932\]: Failed password for root from 124.156.211.253 port 42828 ssh2 2020-06-05T03:58:49.059623shield sshd\[18499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.211.253 user=root	2020-06-05 12:10:41
2401:78c0::2004	attackbotsspam	LGS,WP GET /v2/wp-includes/wlwmanifest.xml	2020-06-05 08:27:15
185.175.93.23	attack	SmallBizIT.US 3 packets to tcp(5925,5929,5936)	2020-06-05 12:01:48
77.247.181.162	attack	[MK-Root1] Blocked by UFW	2020-06-05 12:02:56
201.206.194.33	attackbotsspam	Hits on port : 445	2020-06-05 08:32:27
152.136.213.72	attack	Jun 5 03:49:12 ip-172-31-61-156 sshd[19254]: Failed password for root from 152.136.213.72 port 35992 ssh2 Jun 5 03:53:48 ip-172-31-61-156 sshd[19475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.213.72 user=root Jun 5 03:53:49 ip-172-31-61-156 sshd[19475]: Failed password for root from 152.136.213.72 port 57980 ssh2 Jun 5 03:58:18 ip-172-31-61-156 sshd[19708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.213.72 user=root Jun 5 03:58:20 ip-172-31-61-156 sshd[19708]: Failed password for root from 152.136.213.72 port 51728 ssh2 ...	2020-06-05 12:28:45
67.205.180.70	attackspambots	" "	2020-06-05 12:20:50
95.140.43.97	attack	Brute force attempt	2020-06-05 08:26:39
46.34.180.63	attack	(IR/Iran/-) SMTP Bruteforcing attempts	2020-06-05 12:12:08
46.232.129.5	attack	(PL/Poland/-) SMTP Bruteforcing attempts	2020-06-05 12:16:08
123.31.27.102	attackbotsspam	DATE:2020-06-04 22:19:06, IP:123.31.27.102, PORT:ssh SSH brute force auth (docker-dc)	2020-06-05 08:27:41
115.159.214.247	attackspam	Jun 5 05:56:05 * sshd[28611]: Failed password for root from 115.159.214.247 port 39690 ssh2	2020-06-05 12:28:08
14.124.100.127	attack	SSH bruteforce	2020-06-05 12:14:36
188.166.150.17	attack	Jun 5 05:52:17 vps687878 sshd\[20734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.17 user=root Jun 5 05:52:19 vps687878 sshd\[20734\]: Failed password for root from 188.166.150.17 port 36603 ssh2 Jun 5 05:55:43 vps687878 sshd\[21130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.17 user=root Jun 5 05:55:45 vps687878 sshd\[21130\]: Failed password for root from 188.166.150.17 port 38244 ssh2 Jun 5 05:59:10 vps687878 sshd\[21356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.17 user=root ...	2020-06-05 12:00:17

Recently Reported IPs

221.147.33.217	80.250.14.236	113.160.5.34	24.39.154.234
186.208.181.132	115.94.231.12	200.85.4.121	1.9.196.82
31.24.150.238	111.73.45.155	35.206.178.35	122.55.51.146
73.105.86.145	220.191.231.194	54.99.168.152	88.149.55.120
190.186.59.22	121.200.48.58	77.39.117.115	177.54.224.245