141.98.10.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Lithuania

Internet Service Provider: UAB Host Baltic

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	" "	2020-09-23 19:48:23
attackbots	SIPVicious Scanner Detection	2020-09-23 12:08:12
attack	Message meets Alert condition date=2020-09-21 time=22:00:07 devname= devid= logid="0101037131" type="event" subtype="vpn" level="error" vd="root" eventtime=1600743607040003899 tz="-0500" logdesc="IPsec ESP" msg="IPsec ESP" action="error" remip=141.98.10.55 locip= remport=5298 locport=500 outintf="wan2" cookies="N/A" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="N/A" status="esp_error" error_num="Received ESP packet with unknown SPI." spi="4f505449" seq="4f4e5	2020-09-23 03:53:14
attack	Port Scanning, DDoS & Ransomware delivery	2020-08-31 03:45:59
attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-08-26 06:06:19
attackspam	[H1] Blocked by UFW	2020-08-14 05:22:41
attack	Triggered: repeated knocking on closed ports.	2020-08-11 05:44:43
attack	Port Scan detected from 141.98.10.55 (LT/Lithuania/-). 5 hits in the last 35 seconds	2020-08-03 02:04:09
attackbotsspam	Port Scan detected from 141.98.10.55 (LT/Lithuania/-). 5 hits in the last 40 seconds	2020-07-31 14:49:06
attack	Fail2Ban Ban Triggered	2020-06-28 19:17:27
attack	Fail2Ban Ban Triggered	2020-06-24 14:44:30
attackbotsspam	SIPVicious Scanner Detection	2020-06-07 17:28:26
attackbots	Port scan detected on ports: 1031[UDP], 1027[UDP], 1029[UDP]	2020-05-28 16:29:25
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-22 21:24:55
attackspambots	firewall-block, port(s): 5700/udp	2020-05-21 23:51:23
attackspambots	Port scan(s) denied	2020-04-27 15:07:19
attackbots	Port Scan: Events[4] countPorts[4]: 7070 6655 8060 8050 ..	2020-04-16 05:47:33
attackspam	[MK-VM6] Blocked by UFW	2020-04-14 06:21:14
attackspam	Port scan on 17 port(s): 1010 5070 6050 10250 11000 11001 11002 11003 11004 11005 11120 11121 11122 11123 11125 11150 11600	2020-03-17 09:12:40
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-15 01:19:06
attack	Oct 11 09:03:30 mail postfix/smtpd\[18464\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 11 09:27:43 mail postfix/smtpd\[19376\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 11 09:52:12 mail postfix/smtpd\[19891\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 11 10:41:03 mail postfix/smtpd\[21132\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-11 17:56:40
attackspam	141.98.10.55 has been banned from MailServer for Abuse ...	2019-09-21 21:57:54
attackbotsspam	Mail system brute-force attack	2019-09-16 09:56:56
attackspambots	Unauthorized Brute Force Email Login Fail	2019-09-16 01:10:39
attack	2019-09-10T21:02:35.487063ns1.unifynetsol.net postfix/smtpd\[30388\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-10T21:46:18.066768ns1.unifynetsol.net postfix/smtpd\[32226\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-10T22:29:36.768424ns1.unifynetsol.net postfix/smtpd\[1928\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-10T23:12:52.306722ns1.unifynetsol.net postfix/smtpd\[2430\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-10T23:56:02.030855ns1.unifynetsol.net postfix/smtpd\[4678\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure	2019-09-11 02:31:06
attackbots	Rude login attack (5 tries in 1d)	2019-09-10 12:10:08
attackbotsspam	2019-09-07T02:52:18.628679ns1.unifynetsol.net postfix/smtpd\[29480\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-07T03:31:30.300203ns1.unifynetsol.net postfix/smtpd\[29462\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-07T04:11:04.588604ns1.unifynetsol.net postfix/smtpd\[3820\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-07T04:50:52.109478ns1.unifynetsol.net postfix/smtpd\[7592\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure 2019-09-07T05:30:26.990420ns1.unifynetsol.net postfix/smtpd\[18742\]: warning: unknown\[141.98.10.55\]: SASL LOGIN authentication failed: authentication failure	2019-09-07 08:24:14

Comments on same subnet:

IP	Type	Details	Datetime
141.98.10.151	botsattackproxy	Bot attacker IP	2025-05-22 13:03:51
141.98.10.142	proxy	Hijacked server for pharmacy fraud proxy host. 400 EvaPharmacy domains resolve to 141.98.10.142 examples abbeclarinda.ru abigaleede.ru adancassie.ru addiesusan.ru adelaidastephi.ru adelicerebeca.ru . . . karlottegisella.ru karlottenananne.ru karolajanith.ru karonmarjory.ru kathylenka.ru	2020-11-16 04:52:05
141.98.10.143	attackbots	101 times SMTP brute-force	2020-10-13 01:38:52
141.98.10.143	attackspambots	2020-10-12T01:45:33.656187linuxbox-skyline auth[41790]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=dreamweaver rhost=141.98.10.143 ...	2020-10-12 17:01:52
141.98.10.143	attackbots	2020-10-11T14:46:00.980148linuxbox-skyline auth[33941]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=lexmark rhost=141.98.10.143 ...	2020-10-12 05:29:58
141.98.10.143	attackspambots	2020-10-11T07:15:58.824676linuxbox-skyline auth[29215]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=1111111 rhost=141.98.10.143 ...	2020-10-11 21:36:19
141.98.10.143	attack	2020-10-11T06:45:46.209309www postfix/smtpd[8507]: warning: unknown[141.98.10.143]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-10-11T06:55:47.337873www postfix/smtpd[8776]: warning: unknown[141.98.10.143]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-10-11T07:05:40.010493www postfix/smtpd[9308]: warning: unknown[141.98.10.143]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-11 13:33:06
141.98.10.143	attack	2020-10-10T16:48:57.696595linuxbox-skyline auth[20259]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=h.yamaguch rhost=141.98.10.143 ...	2020-10-11 06:57:15
141.98.10.136	attackbots	Oct 10 18:38:05 srv01 postfix/smtpd\[16156\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 18:38:09 srv01 postfix/smtpd\[3227\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 18:38:09 srv01 postfix/smtpd\[15720\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 18:38:09 srv01 postfix/smtpd\[15998\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 18:47:24 srv01 postfix/smtpd\[21907\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-11 01:22:55
141.98.10.192	attackspam	Sep 20 16:13:59 hidden postfix/postscreen[57206]: DNSBL rank 3 for [141.98.10.192]:61003	2020-10-11 01:20:17
141.98.10.136	attackspam	Oct 10 10:32:46 srv01 postfix/smtpd\[12654\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 10:32:50 srv01 postfix/smtpd\[15452\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 10:32:50 srv01 postfix/smtpd\[15454\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 10:32:50 srv01 postfix/smtpd\[15453\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 10:42:08 srv01 postfix/smtpd\[18147\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-10 17:15:16
141.98.10.192	attackbotsspam	Sep 20 16:13:59 hidden postfix/postscreen[57206]: DNSBL rank 3 for [141.98.10.192]:61003	2020-10-10 17:12:12
141.98.10.136	attackbotsspam	Rude login attack (105 tries in 1d)	2020-10-08 00:07:05
141.98.10.136	attack	Oct 7 10:03:37 srv01 postfix/smtpd\[11912\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:03:37 srv01 postfix/smtpd\[16131\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:03:41 srv01 postfix/smtpd\[18900\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:03:41 srv01 postfix/smtpd\[18901\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:12:41 srv01 postfix/smtpd\[20896\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-07 16:14:01
141.98.10.212	attackspambots	Oct 6 23:30:49 scw-6657dc sshd[540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.212 Oct 6 23:30:49 scw-6657dc sshd[540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.212 Oct 6 23:30:51 scw-6657dc sshd[540]: Failed password for invalid user Administrator from 141.98.10.212 port 40937 ssh2 ...	2020-10-07 07:59:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.98.10.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43905
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.98.10.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 08:24:08 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 55.10.98.141.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 55.10.98.141.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.224.156	attack	Jun 28 06:03:20 scw-focused-cartwright sshd[3609]: Failed password for root from 37.49.224.156 port 47974 ssh2	2020-06-28 14:25:36
132.145.160.32	attack	2020-06-27T23:35:56.973700linuxbox-skyline sshd[302283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.160.32 user=root 2020-06-27T23:35:59.207408linuxbox-skyline sshd[302283]: Failed password for root from 132.145.160.32 port 54482 ssh2 ...	2020-06-28 14:43:05
129.213.194.239	attackspam	Jun 28 05:49:26 piServer sshd[17622]: Failed password for root from 129.213.194.239 port 49318 ssh2 Jun 28 05:53:59 piServer sshd[18109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.194.239 Jun 28 05:54:02 piServer sshd[18109]: Failed password for invalid user ashmit from 129.213.194.239 port 48530 ssh2 ...	2020-06-28 14:49:17
118.24.7.98	attackspam	prod8 ...	2020-06-28 14:55:31
157.230.47.241	attack	Jun 28 08:31:44 PorscheCustomer sshd[9691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.47.241 Jun 28 08:31:46 PorscheCustomer sshd[9691]: Failed password for invalid user kalista from 157.230.47.241 port 54060 ssh2 Jun 28 08:35:42 PorscheCustomer sshd[9810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.47.241 ...	2020-06-28 14:45:14
218.92.0.145	attack	Jun 28 01:58:25 NPSTNNYC01T sshd[8259]: Failed password for root from 218.92.0.145 port 30824 ssh2 Jun 28 01:58:29 NPSTNNYC01T sshd[8259]: Failed password for root from 218.92.0.145 port 30824 ssh2 Jun 28 01:58:32 NPSTNNYC01T sshd[8259]: Failed password for root from 218.92.0.145 port 30824 ssh2 Jun 28 01:58:39 NPSTNNYC01T sshd[8259]: error: maximum authentication attempts exceeded for root from 218.92.0.145 port 30824 ssh2 [preauth] ...	2020-06-28 14:33:43
223.99.248.117	attackspam	Jun 28 07:01:55 srv-ubuntu-dev3 sshd[58941]: Invalid user karla from 223.99.248.117 Jun 28 07:01:55 srv-ubuntu-dev3 sshd[58941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.99.248.117 Jun 28 07:01:55 srv-ubuntu-dev3 sshd[58941]: Invalid user karla from 223.99.248.117 Jun 28 07:01:57 srv-ubuntu-dev3 sshd[58941]: Failed password for invalid user karla from 223.99.248.117 port 38380 ssh2 Jun 28 07:05:32 srv-ubuntu-dev3 sshd[59508]: Invalid user admin from 223.99.248.117 Jun 28 07:05:32 srv-ubuntu-dev3 sshd[59508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.99.248.117 Jun 28 07:05:32 srv-ubuntu-dev3 sshd[59508]: Invalid user admin from 223.99.248.117 Jun 28 07:05:34 srv-ubuntu-dev3 sshd[59508]: Failed password for invalid user admin from 223.99.248.117 port 57530 ssh2 Jun 28 07:09:04 srv-ubuntu-dev3 sshd[60148]: Invalid user julia from 223.99.248.117 ...	2020-06-28 14:19:33
104.208.29.86	attackspambots	Jun 28 08:32:25 serwer sshd\[13285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.29.86 user=root Jun 28 08:32:25 serwer sshd\[13287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.29.86 user=root Jun 28 08:32:27 serwer sshd\[13285\]: Failed password for root from 104.208.29.86 port 49879 ssh2 Jun 28 08:32:27 serwer sshd\[13287\]: Failed password for root from 104.208.29.86 port 49953 ssh2 ...	2020-06-28 14:48:31
139.199.18.200	attackbotsspam	Jun 28 08:20:13 eventyay sshd[19094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 Jun 28 08:20:15 eventyay sshd[19094]: Failed password for invalid user kerry from 139.199.18.200 port 58510 ssh2 Jun 28 08:23:49 eventyay sshd[19189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.18.200 ...	2020-06-28 14:56:56
64.113.103.196	attackspam	(sshd) Failed SSH login from 64.113.103.196 (US/United States/196.103-113-64.ftth.swbr.surewest.net): 5 in the last 300 secs	2020-06-28 14:16:20
88.214.26.90	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-28T05:11:56Z and 2020-06-28T06:19:51Z	2020-06-28 14:22:27
185.86.164.102	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-06-28 14:48:47
103.45.251.204	attack	Invalid user tomcat from 103.45.251.204 port 36026	2020-06-28 14:27:41
197.234.57.142	attackbots	Activity: Failed log on (Failure message: Error validating credentials due to invalid username or password.)	2020-06-28 14:29:38
112.85.42.176	attackbots	Jun 28 08:39:24 minden010 sshd[29227]: Failed password for root from 112.85.42.176 port 55352 ssh2 Jun 28 08:39:41 minden010 sshd[29318]: Failed password for root from 112.85.42.176 port 17919 ssh2 Jun 28 08:39:44 minden010 sshd[29318]: Failed password for root from 112.85.42.176 port 17919 ssh2 ...	2020-06-28 14:48:06

Recently Reported IPs

36.152.65.199	204.218.118.107	190.230.171.87	139.59.155.91
84.165.38.69	53.65.120.25	216.217.133.74	221.238.223.76
170.102.153.89	65.212.98.70	13.59.80.228	63.83.73.182
149.129.175.132	144.217.217.179	35.246.74.194	218.205.113.204
16.83.19.175	70.81.120.44	78.47.25.21	27.166.80.2