114.106.150.149

Basic Info

City: Chuzhou

Region: Anhui

Country: China

Internet Service Provider: ChinaNet Anhui Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 114.106.150.149 to port 6656 [T]	2020-01-27 05:34:33

Comments on same subnet:

IP	Type	Details	Datetime
114.106.150.105	attackspam	(pop3d) Failed POP3 login from 114.106.150.105 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 4 00:32:57 ir1 dovecot[2885757]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=114.106.150.105, lip=5.63.12.44, session=	2020-07-04 04:49:54
114.106.150.56	attackspam	Unauthorized connection attempt detected from IP address 114.106.150.56 to port 6656 [T]	2020-01-30 08:44:29
114.106.150.38	attackspam	Unauthorized connection attempt detected from IP address 114.106.150.38 to port 6656 [T]	2020-01-29 20:24:42
114.106.150.198	attackbotsspam	/download/file.php?id=160&sid=173620f71161811c4fd91df279cfaf8c	2019-11-23 21:59:37
114.106.150.103	attackbotsspam	2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x 2019-08-10 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.106.150.103	2019-08-11 03:22:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.106.150.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.106.150.149.		IN	A

;; AUTHORITY SECTION:
.			391	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 05:34:29 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 149.150.106.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.150.106.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.38.144.202	attackspambots	2020-01-26 00:00:19 -> 2020-01-26 12:00:35 : [46.38.144.202]:41688 connection denied (globally) - 4 login attempts	2020-01-26 19:19:22
87.103.213.56	attack	Unauthorized connection attempt from IP address 87.103.213.56 on Port 445(SMB)	2020-01-26 18:59:10
138.122.109.113	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 26-01-2020 04:45:14.	2020-01-26 18:53:29
95.135.138.207	attackspam	Unauthorized connection attempt from IP address 95.135.138.207 on Port 445(SMB)	2020-01-26 18:54:29
93.174.95.41	attack	Jan 26 11:26:50 h2177944 kernel: \[3232661.952038\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=93.174.95.41 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=12835 PROTO=TCP SPT=57905 DPT=1341 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 11:26:50 h2177944 kernel: \[3232661.952052\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=93.174.95.41 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=12835 PROTO=TCP SPT=57905 DPT=1341 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 11:31:44 h2177944 kernel: \[3232954.999927\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=93.174.95.41 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=60578 PROTO=TCP SPT=57905 DPT=43031 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 11:31:44 h2177944 kernel: \[3232954.999941\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=93.174.95.41 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=60578 PROTO=TCP SPT=57905 DPT=43031 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 11:54:48 h2177944 kernel: \[3234339.428327\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=93.174.95.41 DST=85.214.117.9 LE	2020-01-26 19:23:09
196.200.181.6	attack	Unauthorized connection attempt from IP address 196.200.181.6 on Port 445(SMB)	2020-01-26 18:46:21
210.212.194.6	attack	2020-1-26 11:36:58 AM: ssh bruteforce [3 failed attempts]	2020-01-26 19:07:08
41.191.192.63	attackbots	Unauthorized connection attempt from IP address 41.191.192.63 on Port 445(SMB)	2020-01-26 19:01:34
49.247.203.22	attackbotsspam	Jan 26 09:27:13 ourumov-web sshd\[19518\]: Invalid user scanner from 49.247.203.22 port 33276 Jan 26 09:27:13 ourumov-web sshd\[19518\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.203.22 Jan 26 09:27:15 ourumov-web sshd\[19518\]: Failed password for invalid user scanner from 49.247.203.22 port 33276 ssh2 ...	2020-01-26 19:06:21
37.117.99.154	attack	SSH-bruteforce attempts	2020-01-26 19:09:14
45.143.220.158	attackbotsspam	[2020-01-26 05:34:48] NOTICE[1148][C-00002bc0] chan_sip.c: Call from '' (45.143.220.158:64991) to extension '01146322648733' rejected because extension not found in context 'public'. [2020-01-26 05:34:48] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-26T05:34:48.491-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146322648733",SessionID="0x7fd82c4bece8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.158/64991",ACLName="no_extension_match" [2020-01-26 05:37:54] NOTICE[1148][C-00002bc8] chan_sip.c: Call from '' (45.143.220.158:50395) to extension '901146322648733' rejected because extension not found in context 'public'. [2020-01-26 05:37:54] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-26T05:37:54.704-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146322648733",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-01-26 18:47:27
122.51.101.136	attackspam	Unauthorized connection attempt detected from IP address 122.51.101.136 to port 2220 [J]	2020-01-26 19:04:48
5.210.19.253	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-01-2020 04:45:16.	2020-01-26 18:49:09
222.186.15.33	attackspambots	Jan 26 06:51:56 firewall sshd[7997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.33 user=root Jan 26 06:51:58 firewall sshd[7997]: Failed password for root from 222.186.15.33 port 33316 ssh2 Jan 26 06:52:01 firewall sshd[7997]: Failed password for root from 222.186.15.33 port 33316 ssh2 ...	2020-01-26 18:43:36
45.55.88.94	attack	Jan 26 08:48:39 vpn01 sshd[6487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.94 Jan 26 08:48:41 vpn01 sshd[6487]: Failed password for invalid user nero from 45.55.88.94 port 48521 ssh2 ...	2020-01-26 18:59:37

Recently Reported IPs

5.10.200.81	114.99.131.226	169.232.163.25	110.196.52.36
86.17.49.25	113.88.82.58	112.85.193.97	58.235.216.43
112.84.49.193	82.203.160.117	108.109.133.64	111.72.96.236
211.177.1.254	71.188.97.101	174.56.229.49	216.8.168.83
122.84.167.146	106.111.28.94	106.56.90.234	106.46.204.151