141.0.14.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Norway

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
141.0.146.227	attackspam	prod11 ...	2020-07-12 23:29:02
141.0.146.227	attack	Invalid user gibraltar from 141.0.146.227 port 58834	2020-07-12 05:02:51
141.0.148.10	attack	5x Failed Password	2020-01-31 16:18:57
141.0.148.10	attackspam	Jan 4 13:32:28 mockhub sshd[28157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.0.148.10 ...	2020-01-05 06:00:10
141.0.148.10	attack	Dec 30 00:04:16 serwer sshd\[21077\]: Invalid user pi from 141.0.148.10 port 40742 Dec 30 00:04:16 serwer sshd\[21078\]: Invalid user pi from 141.0.148.10 port 40744 Dec 30 00:04:16 serwer sshd\[21077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.0.148.10 Dec 30 00:04:16 serwer sshd\[21078\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.0.148.10 ...	2019-12-30 07:28:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.0.14.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;141.0.14.49.			IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 09:19:43 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 49.14.0.141.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.14.0.141.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
2002:6baf:c290::6baf:c290	attackspam	[SatApr0405:57:22.7077462020][:error][pid5167:tid48001539942144][client2002:6baf:c290::6baf:c290:60884][client2002:6baf:c290::6baf:c290]ModSecurity:Accessdeniedwithcode403$phase2$.File"/tmp/20200404-055721-XogFobgLTr5kq9UG-mYq7AAAAIg-file-dgZbhe"rejectedbytheapproverscript"/etc/cxs/cxscgi.sh":0[file"/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"][line"7"][id"1010101"][msg"ConfigServerExploitScanner$cxs$triggered"][severity"CRITICAL"][hostname"ilgiornaledelticino.ch"][uri"/wp-admin/admin-post.php"][unique_id"XogFobgLTr5kq9UG-mYq7AAAAIg"]	2020-04-04 13:54:09
104.248.170.45	attackspambots	Invalid user demo from 104.248.170.45 port 56256	2020-04-04 14:23:04
222.186.175.23	attack	Apr 4 08:05:44 dcd-gentoo sshd[8257]: User root from 222.186.175.23 not allowed because none of user's groups are listed in AllowGroups Apr 4 08:05:46 dcd-gentoo sshd[8257]: error: PAM: Authentication failure for illegal user root from 222.186.175.23 Apr 4 08:05:44 dcd-gentoo sshd[8257]: User root from 222.186.175.23 not allowed because none of user's groups are listed in AllowGroups Apr 4 08:05:46 dcd-gentoo sshd[8257]: error: PAM: Authentication failure for illegal user root from 222.186.175.23 Apr 4 08:05:44 dcd-gentoo sshd[8257]: User root from 222.186.175.23 not allowed because none of user's groups are listed in AllowGroups Apr 4 08:05:46 dcd-gentoo sshd[8257]: error: PAM: Authentication failure for illegal user root from 222.186.175.23 Apr 4 08:05:46 dcd-gentoo sshd[8257]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.23 port 64250 ssh2 ...	2020-04-04 14:28:14
88.198.205.13	attack	[SatApr0405:57:02.3672292020][:error][pid8916:tid47137764415232][client88.198.205.13:45499][client88.198.205.13]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"426"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlocked$FakeMozillaUserAgentStringDetected$"][severity"CRITICAL"][hostname"wp.aaaa6877.org"][uri"/wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css"][unique_id"XogFjuWOrWOaB0QzA6HJfgAAAMY"]\,referer:wp.aaaa6877.org[SatApr0405:57:13.0287472020][:error][pid8917:tid47137791731456][client88.198.205.13:46360][client88.198.205.13]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line	2020-04-04 13:59:09
49.234.91.116	attack	$f2bV_matches	2020-04-04 14:03:31
49.233.192.233	attackbotsspam	Apr 4 06:29:59 eventyay sshd[16811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.192.233 Apr 4 06:30:01 eventyay sshd[16811]: Failed password for invalid user idcfo123 from 49.233.192.233 port 35244 ssh2 Apr 4 06:34:38 eventyay sshd[17651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.192.233 ...	2020-04-04 13:56:45
71.189.47.10	attack	Apr 4 10:52:47 webhost01 sshd[31405]: Failed password for root from 71.189.47.10 port 10026 ssh2 ...	2020-04-04 14:14:15
103.215.139.101	attack	Apr 4 07:18:00 ewelt sshd[7302]: Invalid user cy from 103.215.139.101 port 42362 Apr 4 07:18:00 ewelt sshd[7302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.215.139.101 Apr 4 07:18:00 ewelt sshd[7302]: Invalid user cy from 103.215.139.101 port 42362 Apr 4 07:18:02 ewelt sshd[7302]: Failed password for invalid user cy from 103.215.139.101 port 42362 ssh2 ...	2020-04-04 14:38:39
123.30.149.76	attack	Apr 3 23:56:56 Tower sshd[14948]: Connection from 123.30.149.76 port 55856 on 192.168.10.220 port 22 rdomain "" Apr 3 23:56:58 Tower sshd[14948]: Invalid user maojiayuan from 123.30.149.76 port 55856 Apr 3 23:56:58 Tower sshd[14948]: error: Could not get shadow information for NOUSER Apr 3 23:56:58 Tower sshd[14948]: Failed password for invalid user maojiayuan from 123.30.149.76 port 55856 ssh2 Apr 3 23:56:58 Tower sshd[14948]: Received disconnect from 123.30.149.76 port 55856:11: Bye Bye [preauth] Apr 3 23:56:58 Tower sshd[14948]: Disconnected from invalid user maojiayuan 123.30.149.76 port 55856 [preauth]	2020-04-04 14:01:42
66.70.205.186	attackspambots	Apr 4 06:22:47 vps58358 sshd\[23093\]: Invalid user xu from 66.70.205.186Apr 4 06:22:49 vps58358 sshd\[23093\]: Failed password for invalid user xu from 66.70.205.186 port 47017 ssh2Apr 4 06:25:47 vps58358 sshd\[23128\]: Invalid user rl from 66.70.205.186Apr 4 06:25:49 vps58358 sshd\[23128\]: Failed password for invalid user rl from 66.70.205.186 port 40552 ssh2Apr 4 06:27:48 vps58358 sshd\[23159\]: Failed password for root from 66.70.205.186 port 57563 ssh2Apr 4 06:29:53 vps58358 sshd\[23181\]: Failed password for root from 66.70.205.186 port 46342 ssh2 ...	2020-04-04 13:56:12
188.166.5.84	attackbotsspam	Invalid user sunil from 188.166.5.84 port 52744	2020-04-04 14:30:57
222.186.42.155	attackspambots	(sshd) Failed SSH login from 222.186.42.155 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 07:27:08 amsweb01 sshd[9374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Apr 4 07:27:10 amsweb01 sshd[9374]: Failed password for root from 222.186.42.155 port 54735 ssh2 Apr 4 07:27:12 amsweb01 sshd[9374]: Failed password for root from 222.186.42.155 port 54735 ssh2 Apr 4 07:27:14 amsweb01 sshd[9374]: Failed password for root from 222.186.42.155 port 54735 ssh2 Apr 4 07:56:35 amsweb01 sshd[12881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root	2020-04-04 13:58:06
103.100.210.151	attack	SSH Bruteforce attack	2020-04-04 14:39:38
222.186.42.137	attackbotsspam	Apr 4 09:23:45 server2 sshd\[3452\]: User root from 222.186.42.137 not allowed because not listed in AllowUsers Apr 4 09:25:02 server2 sshd\[3486\]: User root from 222.186.42.137 not allowed because not listed in AllowUsers Apr 4 09:25:14 server2 sshd\[3672\]: User root from 222.186.42.137 not allowed because not listed in AllowUsers Apr 4 09:31:00 server2 sshd\[4028\]: User root from 222.186.42.137 not allowed because not listed in AllowUsers Apr 4 09:31:02 server2 sshd\[4030\]: User root from 222.186.42.137 not allowed because not listed in AllowUsers Apr 4 09:31:08 server2 sshd\[4054\]: User root from 222.186.42.137 not allowed because not listed in AllowUsers	2020-04-04 14:43:07
83.110.5.148	attackspambots	Unauthorised access (Apr 4) SRC=83.110.5.148 LEN=44 TTL=54 ID=55704 TCP DPT=23 WINDOW=14160 SYN	2020-04-04 14:19:50

Recently Reported IPs

141.0.14.5	141.0.14.50	141.0.14.51	141.0.14.52
141.0.14.53	141.0.14.55	141.0.14.54	141.0.14.56
141.0.14.57	141.0.14.58	141.0.14.59	141.0.14.6
141.0.14.61	141.0.14.62	141.0.14.60	118.96.133.228
141.0.14.64	141.0.14.63	141.0.14.65	141.0.14.66