131.196.14.149

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
131.196.146.126	attackspam	Apr 2 14:38:04 debian-2gb-nbg1-2 kernel: \[8090128.172011\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=131.196.146.126 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=62378 PROTO=TCP SPT=22273 DPT=26 WINDOW=17681 RES=0x00 SYN URGP=0	2020-04-03 05:53:18
131.196.146.23	attack	Automatic report - Port Scan Attack	2019-11-23 22:02:46
131.196.144.128	attack	Automatic report - Port Scan Attack	2019-08-12 04:46:31

Type

Details

Datetime

131.196.146.126

attackspam

Apr  2 14:38:04 debian-2gb-nbg1-2 kernel: \[8090128.172011\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=131.196.146.126 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=62378 PROTO=TCP SPT=22273 DPT=26 WINDOW=17681 RES=0x00 SYN URGP=0

2020-04-03 05:53:18

131.196.146.23

attack

Automatic report - Port Scan Attack

2019-11-23 22:02:46

131.196.144.128

attack

Automatic report - Port Scan Attack

2019-08-12 04:46:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.196.14.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60965
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.196.14.149.			IN	A

;; AUTHORITY SECTION:
.			563	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 174 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 05:31:26 CST 2022
;; MSG SIZE  rcvd: 107

Host info

149.14.196.131.in-addr.arpa domain name pointer host-131-196-14-149.nedetel.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.14.196.131.in-addr.arpa	name = host-131-196-14-149.nedetel.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.117.53.18	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:42.	2019-09-28 00:31:56
51.68.215.113	attackspambots	2019-09-27T15:21:43.623936abusebot-2.cloudsearch.cf sshd\[27697\]: Invalid user tomcat from 51.68.215.113 port 51020	2019-09-27 23:54:42
134.175.153.238	attackspam	Sep 27 17:41:49 OPSO sshd\[32301\]: Invalid user nexus from 134.175.153.238 port 36654 Sep 27 17:41:49 OPSO sshd\[32301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.153.238 Sep 27 17:41:51 OPSO sshd\[32301\]: Failed password for invalid user nexus from 134.175.153.238 port 36654 ssh2 Sep 27 17:46:58 OPSO sshd\[964\]: Invalid user oracle from 134.175.153.238 port 45196 Sep 27 17:46:58 OPSO sshd\[964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.153.238	2019-09-27 23:53:39
94.97.104.135	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:46.	2019-09-28 00:25:02
45.142.195.150	attack	2019-09-27T17:06:58.486475beta postfix/smtpd[10314]: warning: unknown[45.142.195.150]: SASL LOGIN authentication failed: authentication failure 2019-09-27T17:07:40.537271beta postfix/smtpd[10314]: warning: unknown[45.142.195.150]: SASL LOGIN authentication failed: authentication failure 2019-09-27T17:08:22.133804beta postfix/smtpd[10314]: warning: unknown[45.142.195.150]: SASL LOGIN authentication failed: authentication failure ...	2019-09-28 00:14:25
112.161.203.170	attackspam	Sep 27 15:34:08 venus sshd\[20942\]: Invalid user ying from 112.161.203.170 port 40340 Sep 27 15:34:08 venus sshd\[20942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.161.203.170 Sep 27 15:34:10 venus sshd\[20942\]: Failed password for invalid user ying from 112.161.203.170 port 40340 ssh2 ...	2019-09-27 23:52:59
112.13.91.29	attackbots	Sep 27 17:30:31 nextcloud sshd\[23504\]: Invalid user rosa from 112.13.91.29 Sep 27 17:30:31 nextcloud sshd\[23504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.13.91.29 Sep 27 17:30:33 nextcloud sshd\[23504\]: Failed password for invalid user rosa from 112.13.91.29 port 3548 ssh2 ...	2019-09-28 00:08:38
61.190.99.62	attack	(mod_security) mod_security (id:230011) triggered by 61.190.99.62 (CN/China/-): 5 in the last 3600 secs	2019-09-28 00:00:29
193.32.160.141	attack	Sep 27 15:38:21 server postfix/smtpd[21477]: NOQUEUE: reject: RCPT from unknown[193.32.160.141]: 554 5.7.1 Service unavailable; Client host [193.32.160.141] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[193.32.160.142]> Sep 27 15:38:21 server postfix/smtpd[21477]: NOQUEUE: reject: RCPT from unknown[193.32.160.141]: 554 5.7.1 Service unavailable; Client host [193.32.160.141] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[193.32.160.142]>	2019-09-27 23:48:19
193.70.113.19	attackbots	Sep 24 03:00:12 vz239 sshd[12028]: Invalid user dario from 193.70.113.19 Sep 24 03:00:15 vz239 sshd[12028]: Failed password for invalid user dario from 193.70.113.19 port 39937 ssh2 Sep 24 03:00:15 vz239 sshd[12028]: Received disconnect from 193.70.113.19: 11: Bye Bye [preauth] Sep 24 03:22:13 vz239 sshd[12215]: Invalid user nvidia from 193.70.113.19 Sep 24 03:22:15 vz239 sshd[12215]: Failed password for invalid user nvidia from 193.70.113.19 port 49439 ssh2 Sep 24 03:22:15 vz239 sshd[12215]: Received disconnect from 193.70.113.19: 11: Bye Bye [preauth] Sep 24 03:25:51 vz239 sshd[12241]: Invalid user temp from 193.70.113.19 Sep 24 03:25:52 vz239 sshd[12241]: Failed password for invalid user temp from 193.70.113.19 port 42055 ssh2 Sep 24 03:25:52 vz239 sshd[12241]: Received disconnect from 193.70.113.19: 11: Bye Bye [preauth] Sep 24 03:29:38 vz239 sshd[12276]: Invalid user ftphome from 193.70.113.19 Sep 24 03:29:40 vz239 sshd[12276]: Failed password for invalid user ftph........ -------------------------------	2019-09-28 00:17:06
91.223.244.12	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:45.	2019-09-28 00:27:00
95.56.105.28	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:47.	2019-09-28 00:24:08
23.254.228.38	attackspam	Sep 27 14:11:42 mxgate1 postfix/postscreen[11346]: CONNECT from [23.254.228.38]:39269 to [176.31.12.44]:25 Sep 27 14:11:42 mxgate1 postfix/dnsblog[11348]: addr 23.254.228.38 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 27 14:11:42 mxgate1 postfix/dnsblog[11360]: addr 23.254.228.38 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 27 14:11:42 mxgate1 postfix/postscreen[11346]: PREGREET 33 after 0.1 from [23.254.228.38]:39269: EHLO 02d70053.ullserverateherps.co Sep 27 14:11:42 mxgate1 postfix/dnsblog[11347]: addr 23.254.228.38 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 27 14:11:43 mxgate1 postfix/postscreen[11346]: DNSBL rank 4 for [23.254.228.38]:39269 Sep x@x Sep 27 14:11:43 mxgate1 postfix/postscreen[11346]: DISCONNECT [23.254.228.38]:39269 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=23.254.228.38	2019-09-27 23:59:16
134.209.147.198	attack	Sep 23 21:58:55 pl1server sshd[10732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.147.198 user=r.r Sep 23 21:58:56 pl1server sshd[10732]: Failed password for r.r from 134.209.147.198 port 41346 ssh2 Sep 23 21:58:57 pl1server sshd[10732]: Received disconnect from 134.209.147.198: 11: Bye Bye [preauth] Sep 23 22:09:37 pl1server sshd[13008]: Invalid user yangzhao from 134.209.147.198 Sep 23 22:09:37 pl1server sshd[13008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.147.198 Sep 23 22:09:39 pl1server sshd[13008]: Failed password for invalid user yangzhao from 134.209.147.198 port 47378 ssh2 Sep 23 22:09:39 pl1server sshd[13008]: Received disconnect from 134.209.147.198: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.209.147.198	2019-09-28 00:11:04
142.44.137.62	attackbots	Sep 27 21:20:57 areeb-Workstation sshd[5246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.137.62 Sep 27 21:20:59 areeb-Workstation sshd[5246]: Failed password for invalid user alex from 142.44.137.62 port 51672 ssh2 ...	2019-09-28 00:12:08

Recently Reported IPs

131.196.14.159	131.196.14.203	131.196.141.1	131.196.14.231
131.196.14.235	131.196.14.232	131.196.141.100	131.196.14.82
131.196.141.10	118.172.237.113	131.196.141.103	131.196.141.104
131.196.141.106	118.172.237.141	131.196.141.108	131.196.141.11
131.196.141.110	131.196.141.112	131.196.141.118	131.196.141.123