141.98.11.18 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Republic of Lithuania

运营商(isp): UAB Host Baltic

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 17 16:21:10 grey postfix/smtpd\[5338\]: NOQUEUE: reject: RCPT from picayune.woinsta.com\[141.98.11.18\]: 554 5.7.1 Service unavailable\; Client host \[141.98.11.18\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[141.98.11.18\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-18 04:16:19

类型

评论内容

时间

attackbotsspam

Dec 17 16:21:10 grey postfix/smtpd\[5338\]: NOQUEUE: reject: RCPT from picayune.woinsta.com\[141.98.11.18\]: 554 5.7.1 Service unavailable\; Client host \[141.98.11.18\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[141.98.11.18\]\; from=\ to=\ proto=ESMTP helo=\
...

2019-12-18 04:16:19

相同子网IP讨论:

IP	类型	评论内容	时间
141.98.11.116	botsattack	SSH bot	2025-07-08 13:05:44
141.98.11.35	botsattackproxy	Vulnerability Scanner	2025-01-23 13:58:46
141.98.11.179	attack	Malicious IP / Malware	2024-05-02 12:58:57
141.98.11.96	attack	Brute connect	2024-03-29 14:40:38
141.98.11.61	attack	Scan port	2022-07-04 12:56:10
141.98.11.51	spam	Lig	2022-06-25 06:43:55
141.98.11.65	attack	Scan Port	2022-03-25 13:51:43
141.98.11.94	attackbots		2020-05-02 07:51:03
141.98.11.106	attack		2020-04-30 08:23:33
141.98.11.113	attackbotsspam	[ER hit] Tried to deliver spam. Already well known.	2020-04-26 06:58:32
141.98.11.71	spam	Spammer	2020-04-11 07:30:34
141.98.11.12	attack	" "	2020-03-20 00:02:06
141.98.11.118	attackspambots	SpamScore above: 10.0	2020-03-17 07:26:00
141.98.11.21	attackbotsspam	Dec 16 22:15:14 grey postfix/smtpd\[10497\]: NOQUEUE: reject: RCPT from careful.woinsta.com\[141.98.11.21\]: 554 5.7.1 Service unavailable\; Client host \[141.98.11.21\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[141.98.11.21\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-17 05:33:32
141.98.11.12	attack	" "	2019-12-06 03:21:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.98.11.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.98.11.18.			IN	A

;; AUTHORITY SECTION:
.			555	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121701 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 04:16:15 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

18.11.98.141.in-addr.arpa domain name pointer picayune.woinsta.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.11.98.141.in-addr.arpa	name = picayune.woinsta.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
184.105.139.105	attack	UDP 184.105.139.105:18113 -> port 19, len 29	2020-06-01 17:53:58
223.255.28.203	attackbots	prod6 ...	2020-06-01 17:43:16
124.70.166.15	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-06-01 18:16:12
222.186.175.215	attack	Jun 1 06:05:02 NPSTNNYC01T sshd[16037]: Failed password for root from 222.186.175.215 port 26946 ssh2 Jun 1 06:05:06 NPSTNNYC01T sshd[16037]: Failed password for root from 222.186.175.215 port 26946 ssh2 Jun 1 06:05:15 NPSTNNYC01T sshd[16037]: error: maximum authentication attempts exceeded for root from 222.186.175.215 port 26946 ssh2 [preauth] ...	2020-06-01 18:13:00
112.85.42.238	attackspambots	Jun 1 06:11:32 web01 sshd[31504]: Failed password for root from 112.85.42.238 port 44038 ssh2 Jun 1 06:11:35 web01 sshd[31504]: Failed password for root from 112.85.42.238 port 44038 ssh2 ...	2020-06-01 17:40:14
47.111.246.143	attack	Jun 1 02:59:13 www6-3 sshd[16825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.111.246.143 user=r.r Jun 1 02:59:15 www6-3 sshd[16825]: Failed password for r.r from 47.111.246.143 port 47760 ssh2 Jun 1 02:59:15 www6-3 sshd[16825]: Received disconnect from 47.111.246.143 port 47760:11: Bye Bye [preauth] Jun 1 02:59:15 www6-3 sshd[16825]: Disconnected from 47.111.246.143 port 47760 [preauth] Jun 1 03:14:36 www6-3 sshd[18225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.111.246.143 user=r.r Jun 1 03:14:39 www6-3 sshd[18225]: Failed password for r.r from 47.111.246.143 port 55986 ssh2 Jun 1 03:14:39 www6-3 sshd[18225]: Received disconnect from 47.111.246.143 port 55986:11: Bye Bye [preauth] Jun 1 03:14:39 www6-3 sshd[18225]: Disconnected from 47.111.246.143 port 55986 [preauth] Jun 1 03:16:05 www6-3 sshd[18364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ........ -------------------------------	2020-06-01 18:15:02
125.132.73.28	attackspambots	Jun 1 07:49:40 vpn01 sshd[3372]: Failed password for root from 125.132.73.28 port 58775 ssh2 ...	2020-06-01 17:56:11
51.254.137.206	attackbotsspam	2020-06-01T09:45:14.502231shield sshd\[31835\]: Invalid user phpmyadmin from 51.254.137.206 port 60003 2020-06-01T09:45:14.505904shield sshd\[31835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.ip-51-254-137.eu 2020-06-01T09:45:16.067171shield sshd\[31835\]: Failed password for invalid user phpmyadmin from 51.254.137.206 port 60003 ssh2 2020-06-01T09:46:25.930924shield sshd\[32090\]: Invalid user php from 51.254.137.206 port 44440 2020-06-01T09:46:25.934609shield sshd\[32090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.ip-51-254-137.eu	2020-06-01 17:54:34
111.229.64.133	attack	Jun 1 08:14:25 piServer sshd[4856]: Failed password for root from 111.229.64.133 port 57592 ssh2 Jun 1 08:19:06 piServer sshd[5249]: Failed password for root from 111.229.64.133 port 52122 ssh2 ...	2020-06-01 17:42:15
35.209.49.216	attackbotsspam	LGS,WP GET /v2/wp-includes/wlwmanifest.xml	2020-06-01 17:37:12
123.21.232.192	attackspam	2020-06-0105:45:501jfbOR-0003zF-Gc\<=info@whatsup2013.chH=\(localhost\)[123.21.229.100]:47000P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3016id=2acd7b282308222ab6b305a94e3a100ca24d16@whatsup2013.chT="totony.flores9"fortony.flores9@yahoo.comwilliamg70@gmail.comrsayago60@gmail.com2020-06-0105:46:261jfbP6-00044N-Rc\<=info@whatsup2013.chH=\(localhost\)[113.172.165.239]:56435P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2980id=a58440131833e6eacd883e6d995ed4d8eb9a73ab@whatsup2013.chT="toalbertoperez67"foralbertoperez67@icloud.comdmt3@gmx.commikebrewer@497gmail.com2020-06-0105:46:371jfbPI-00046e-HD\<=info@whatsup2013.chH=\(localhost\)[123.21.232.192]:41139P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3035id=2af64013183319118d883e9275012b37218d97@whatsup2013.chT="tocristianponce"forcristianponce@hotmail.comjimmywint14@gmail.comaskew.terence@yahoo.com2020-06-0105:46:231jfbP4-00	2020-06-01 17:48:46
185.244.234.80	attack	Excessive Port-Scanning	2020-06-01 17:47:47
195.54.160.180	attack	Jun 1 05:11:45 stark sshd[19074]: User root not allowed because account is locked Jun 1 05:11:46 stark sshd[19074]: Connection closed by 195.54.160.180 port 48297 [preauth] Jun 1 05:11:46 stark sshd[19076]: User root not allowed because account is locked Jun 1 05:11:46 stark sshd[19076]: Connection closed by 195.54.160.180 port 48918 [preauth]	2020-06-01 17:39:23
112.78.178.121	attack	1590983211 - 06/01/2020 05:46:51 Host: 112.78.178.121/112.78.178.121 Port: 445 TCP Blocked	2020-06-01 18:14:36
187.178.83.5	attackbots	Brute-Force	2020-06-01 18:02:38

最近上报的IP列表

139.20.126.0	179.4.41.209	14.171.169.116	181.159.243.52
23.40.122.7	149.88.218.28	2.77.215.231	209.200.0.84
3.243.58.175	40.92.20.74	134.21.145.222	24.4.125.238
178.62.23.60	110.161.28.57	130.212.82.51	103.34.21.217
111.93.7.2	112.134.106.26	59.190.199.22	153.188.230.148