141.98.11.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Lithuania

运营商(isp): UAB Host Baltic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack		2020-04-30 08:23:33

相同子网IP讨论:

IP	类型	评论内容	时间
141.98.11.116	botsattack	SSH bot	2025-07-08 13:05:44
141.98.11.35	botsattackproxy	Vulnerability Scanner	2025-01-23 13:58:46
141.98.11.179	attack	Malicious IP / Malware	2024-05-02 12:58:57
141.98.11.96	attack	Brute connect	2024-03-29 14:40:38
141.98.11.61	attack	Scan port	2022-07-04 12:56:10
141.98.11.51	spam	Lig	2022-06-25 06:43:55
141.98.11.65	attack	Scan Port	2022-03-25 13:51:43
141.98.11.94	attackbots		2020-05-02 07:51:03
141.98.11.113	attackbotsspam	[ER hit] Tried to deliver spam. Already well known.	2020-04-26 06:58:32
141.98.11.71	spam	Spammer	2020-04-11 07:30:34
141.98.11.12	attack	" "	2020-03-20 00:02:06
141.98.11.118	attackspambots	SpamScore above: 10.0	2020-03-17 07:26:00
141.98.11.18	attackbotsspam	Dec 17 16:21:10 grey postfix/smtpd\[5338\]: NOQUEUE: reject: RCPT from picayune.woinsta.com\[141.98.11.18\]: 554 5.7.1 Service unavailable\; Client host \[141.98.11.18\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[141.98.11.18\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-18 04:16:19
141.98.11.21	attackbotsspam	Dec 16 22:15:14 grey postfix/smtpd\[10497\]: NOQUEUE: reject: RCPT from careful.woinsta.com\[141.98.11.21\]: 554 5.7.1 Service unavailable\; Client host \[141.98.11.21\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[141.98.11.21\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-17 05:33:32
141.98.11.12	attack	" "	2019-12-06 03:21:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.98.11.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.98.11.106.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042905 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 30 08:23:29 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

106.11.98.141.in-addr.arpa domain name pointer sleeper.medyamol.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.11.98.141.in-addr.arpa	name = sleeper.medyamol.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
162.243.164.246	attack	Dec 17 21:39:29 kapalua sshd\[9514\]: Invalid user vecchione from 162.243.164.246 Dec 17 21:39:29 kapalua sshd\[9514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.164.246 Dec 17 21:39:31 kapalua sshd\[9514\]: Failed password for invalid user vecchione from 162.243.164.246 port 36274 ssh2 Dec 17 21:44:54 kapalua sshd\[10027\]: Invalid user toponi from 162.243.164.246 Dec 17 21:44:54 kapalua sshd\[10027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.164.246	2019-12-18 19:00:37
23.129.64.223	attackspambots	Dec 18 07:26:42 vpn01 sshd[7870]: Failed password for root from 23.129.64.223 port 22649 ssh2 Dec 18 07:26:57 vpn01 sshd[7870]: error: maximum authentication attempts exceeded for root from 23.129.64.223 port 22649 ssh2 [preauth] ...	2019-12-18 18:56:35
158.69.196.76	attackbots	Dec 18 04:58:21 dallas01 sshd[18742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.196.76 Dec 18 04:58:23 dallas01 sshd[18742]: Failed password for invalid user apache from 158.69.196.76 port 57906 ssh2 Dec 18 05:03:19 dallas01 sshd[23276]: Failed password for root from 158.69.196.76 port 38542 ssh2	2019-12-18 19:23:03
180.142.134.243	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-18 19:24:55
222.186.173.215	attack	Dec 18 12:11:08 sd-53420 sshd\[8946\]: User root from 222.186.173.215 not allowed because none of user's groups are listed in AllowGroups Dec 18 12:11:13 sd-53420 sshd\[8946\]: Failed none for invalid user root from 222.186.173.215 port 11208 ssh2 Dec 18 12:11:13 sd-53420 sshd\[8946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Dec 18 12:11:16 sd-53420 sshd\[8946\]: Failed password for invalid user root from 222.186.173.215 port 11208 ssh2 Dec 18 12:11:22 sd-53420 sshd\[8946\]: Failed password for invalid user root from 222.186.173.215 port 11208 ssh2 ...	2019-12-18 19:12:49
110.77.236.159	attackspam	1576650408 - 12/18/2019 07:26:48 Host: 110.77.236.159/110.77.236.159 Port: 445 TCP Blocked	2019-12-18 19:05:43
103.208.34.199	attackbots	$f2bV_matches	2019-12-18 18:58:56
52.233.184.246	attackspambots	2019-12-18T07:19:36.577022vps751288.ovh.net sshd\[15392\]: Invalid user dovecot from 52.233.184.246 port 46508 2019-12-18T07:19:36.586602vps751288.ovh.net sshd\[15392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.184.246 2019-12-18T07:19:38.630058vps751288.ovh.net sshd\[15392\]: Failed password for invalid user dovecot from 52.233.184.246 port 46508 ssh2 2019-12-18T07:27:00.397014vps751288.ovh.net sshd\[15408\]: Invalid user wwwadmin from 52.233.184.246 port 53854 2019-12-18T07:27:00.404840vps751288.ovh.net sshd\[15408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.184.246	2019-12-18 18:53:34
97.90.247.163	attackspam	Automatic report - Port Scan Attack	2019-12-18 19:14:13
51.38.32.230	attackspambots	--- report --- Dec 18 06:49:15 sshd: Connection from 51.38.32.230 port 52368 Dec 18 06:49:27 sshd: Failed password for backup from 51.38.32.230 port 52368 ssh2 Dec 18 06:49:27 sshd: Received disconnect from 51.38.32.230: 11: Bye Bye [preauth]	2019-12-18 19:02:10
113.14.131.26	attack	2019-12-18 00:26:24 dovecot_login authenticator failed for (kyxczto.com) [113.14.131.26]:58107 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2019-12-18 00:26:35 dovecot_login authenticator failed for (kyxczto.com) [113.14.131.26]:58536 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2019-12-18 00:26:48 dovecot_login authenticator failed for (kyxczto.com) [113.14.131.26]:59333 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) ...	2019-12-18 19:01:02
200.233.225.227	attack	Dec 18 11:14:11 h2065291 sshd[20020]: reveeclipse mapping checking getaddrinfo for 200-233-225-227.xd-dynamic.ctbcnetsuper.com.br [200.233.225.227] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 18 11:14:11 h2065291 sshd[20020]: Invalid user margolis from 200.233.225.227 Dec 18 11:14:11 h2065291 sshd[20020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.233.225.227 Dec 18 11:14:13 h2065291 sshd[20020]: Failed password for invalid user margolis from 200.233.225.227 port 56104 ssh2 Dec 18 11:14:13 h2065291 sshd[20020]: Received disconnect from 200.233.225.227: 11: Bye Bye [preauth] Dec 18 11:23:46 h2065291 sshd[20265]: reveeclipse mapping checking getaddrinfo for 200-233-225-227.xd-dynamic.ctbcnetsuper.com.br [200.233.225.227] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 18 11:23:46 h2065291 sshd[20265]: Invalid user mysql from 200.233.225.227 Dec 18 11:23:46 h2065291 sshd[20265]: pam_unix(sshd:auth): authentication failure; logname= uid........ -------------------------------	2019-12-18 19:10:40
40.92.68.52	attack	Dec 18 09:26:46 debian-2gb-vpn-nbg1-1 kernel: [1028771.729239] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.68.52 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=32307 DF PROTO=TCP SPT=52671 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 19:06:46
45.136.108.153	attackspam	Dec 18 11:09:24 h2177944 kernel: \[9538747.628971\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.153 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55870 PROTO=TCP SPT=46198 DPT=62498 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 11:24:30 h2177944 kernel: \[9539653.698420\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.153 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=33977 PROTO=TCP SPT=46198 DPT=5119 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 11:30:33 h2177944 kernel: \[9540017.135217\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.153 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=39885 PROTO=TCP SPT=46198 DPT=3782 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 11:40:35 h2177944 kernel: \[9540618.767330\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.153 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=11392 PROTO=TCP SPT=46198 DPT=30028 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 11:46:51 h2177944 kernel: \[9540994.817063\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.153 DST=85.21	2019-12-18 18:54:24
40.92.73.44	attackspambots	Dec 18 13:43:44 debian-2gb-vpn-nbg1-1 kernel: [1044189.198909] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.73.44 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=51049 DF PROTO=TCP SPT=7699 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 19:29:17

最近上报的IP列表

181.30.28.111	210.73.222.200	139.59.66.101	122.51.241.67
51.255.47.133	152.136.204.232	212.92.108.64	201.111.71.209
187.86.200.13	168.235.104.230	128.199.68.99	219.242.156.148
49.247.208.185	79.36.232.129	185.131.135.119	22.2.147.10
211.154.79.62	251.140.25.188	135.110.253.149	115.162.72.90