141.98.80.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: FlyServers S.A.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[MK-VM6] Blocked by UFW	2020-08-31 23:15:23
attackbotsspam	[MK-VM2] Blocked by UFW	2020-08-26 23:58:46
attackbots	Aug 23 23:54:37 [host] kernel: [3886479.751378] [U Aug 23 23:55:11 [host] kernel: [3886513.671300] [U Aug 23 23:58:29 [host] kernel: [3886711.514569] [U Aug 23 23:59:16 [host] kernel: [3886759.115957] [U Aug 24 00:08:04 [host] kernel: [3887287.065812] [U Aug 24 00:10:28 [host] kernel: [3887431.235186] [U	2020-08-24 06:11:26
attackbots	Triggered: repeated knocking on closed ports.	2020-08-23 07:20:54
attackbotsspam	[MK-VM1] Blocked by UFW	2020-08-13 06:57:20

Comments on same subnet:

IP	Type	Details	Datetime
141.98.80.73	attackbotsspam	Oct 13 20:36:42 mail postfix/smtpd\[2755\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 13 21:07:45 mail postfix/smtpd\[3739\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 13 21:08:05 mail postfix/smtpd\[3743\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 13 21:08:21 mail postfix/smtpd\[3743\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-14 03:24:10
141.98.80.73	attack	Oct 13 12:10:32 mail postfix/smtpd\[17486\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 13 12:10:52 mail postfix/smtpd\[17603\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 13 12:11:11 mail postfix/smtpd\[17486\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 13 12:42:04 mail postfix/smtpd\[18268\]: warning: unknown\[141.98.80.73\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-13 18:42:16
141.98.80.72	attackbotsspam	2020-10-11 20:00:28 dovecot_login authenticator failed for \(\[141.98.80.72\]\) \[141.98.80.72\]: 535 Incorrect authentication data \(set_id=ben@benjaminhauck.com\) 2020-10-11 20:00:36 dovecot_login authenticator failed for \(\[141.98.80.72\]\) \[141.98.80.72\]: 535 Incorrect authentication data 2020-10-11 20:00:45 dovecot_login authenticator failed for \(\[141.98.80.72\]\) \[141.98.80.72\]: 535 Incorrect authentication data 2020-10-11 20:00:51 dovecot_login authenticator failed for \(\[141.98.80.72\]\) \[141.98.80.72\]: 535 Incorrect authentication data 2020-10-11 20:01:03 dovecot_login authenticator failed for \(\[141.98.80.72\]\) \[141.98.80.72\]: 535 Incorrect authentication data ...	2020-10-12 02:02:30
141.98.80.22	attackbots	Fail2Ban Ban Triggered	2020-10-12 00:23:22
141.98.80.72	attackbotsspam	Brute Force attack - banned by Fail2Ban	2020-10-11 17:52:34
141.98.80.22	attackbotsspam	[H1.VM1] Blocked by UFW	2020-10-11 16:21:12
141.98.80.22	attackbots	port scan hacking	2020-10-11 09:40:14
141.98.80.22	attack	Tried to scan TCP Port but the Antivirus refused. More than 20 times within a few months.	2020-10-11 07:04:39
141.98.80.39	attackbotsspam	\x03 400 0 "-" "-"	2020-10-10 02:08:44
141.98.80.39	attack	Found on Binary Defense / proto=6 . srcport=65528 . dstport=53 DNS . (757)	2020-10-09 17:53:14
141.98.80.190	attackspambots	Exim brute force attack (multiple auth failures).	2020-10-09 07:22:48
141.98.80.22	attackspambots	UTC 10/08/2020 18:12:24 - 83 - Security Services - Alert - 141.98.80.22, 65534, X1 - xxx.xxx.xxx.xxx, 8651, X1 - tcp - TCP scanned port list, 8691, 8611, 8671, 8601, 8661, 8641, 8681, 8631, 8621, 8651 - Probable port scan detected	2020-10-09 05:32:34
141.98.80.190	attackbots	Oct 8 17:35:05 relay postfix/smtpd\[8860\]: warning: unknown\[141.98.80.190\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 17:35:26 relay postfix/smtpd\[4144\]: warning: unknown\[141.98.80.190\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 17:40:26 relay postfix/smtpd\[5072\]: warning: unknown\[141.98.80.190\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 17:40:45 relay postfix/smtpd\[4145\]: warning: unknown\[141.98.80.190\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 17:46:12 relay postfix/smtpd\[8861\]: warning: unknown\[141.98.80.190\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-08 23:51:58
141.98.80.22	attackbotsspam	scans 10 times in preceeding hours on the ports (in chronological order) 8601 8611 8621 8631 8641 8651 8661 8671 8681 8691	2020-10-08 21:47:16
141.98.80.22	attack	tcp port scan	2020-10-08 13:41:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.98.80.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8045
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.98.80.242.			IN	A

;; AUTHORITY SECTION:
.			340	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081203 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 13 06:57:15 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 242.80.98.141.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.80.98.141.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
206.189.206.155	attackbotsspam	Aug 3 13:08:53 ns37 sshd[27121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.206.155 Aug 3 13:08:55 ns37 sshd[27121]: Failed password for invalid user dkauffman from 206.189.206.155 port 41150 ssh2 Aug 3 13:09:12 ns37 sshd[27261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.206.155	2019-08-03 19:13:21
178.62.30.135	attackbots	Aug 3 12:39:57 lnxded64 sshd[14733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.30.135 Aug 3 12:40:00 lnxded64 sshd[14733]: Failed password for invalid user alex from 178.62.30.135 port 60822 ssh2 Aug 3 12:46:01 lnxded64 sshd[16262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.30.135	2019-08-03 18:56:53
89.163.190.128	attack	Aug 2 19:14:07 hurricane sshd[15999]: Invalid user vikas from 89.163.190.128 port 35974 Aug 2 19:14:07 hurricane sshd[15999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.163.190.128 Aug 2 19:14:09 hurricane sshd[15999]: Failed password for invalid user vikas from 89.163.190.128 port 35974 ssh2 Aug 2 19:14:10 hurricane sshd[15999]: Received disconnect from 89.163.190.128 port 35974:11: Bye Bye [preauth] Aug 2 19:14:10 hurricane sshd[15999]: Disconnected from 89.163.190.128 port 35974 [preauth] Aug 2 19:27:33 hurricane sshd[16047]: Invalid user www from 89.163.190.128 port 54990 Aug 2 19:27:33 hurricane sshd[16047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.163.190.128 Aug 2 19:27:36 hurricane sshd[16047]: Failed password for invalid user www from 89.163.190.128 port 54990 ssh2 Aug 2 19:27:36 hurricane sshd[16047]: Received disconnect from 89.163.190.128 port 54990:11:........ -------------------------------	2019-08-03 18:53:33
3.92.211.210	attackbots	port scan and connect, tcp 21 (ftp)	2019-08-03 18:52:44
129.204.40.157	attackspambots	Aug 2 21:43:20 cac1d2 sshd\[18735\]: Invalid user arbaiah from 129.204.40.157 port 42906 Aug 2 21:43:20 cac1d2 sshd\[18735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.40.157 Aug 2 21:43:23 cac1d2 sshd\[18735\]: Failed password for invalid user arbaiah from 129.204.40.157 port 42906 ssh2 ...	2019-08-03 19:27:12
134.209.106.64	attackbotsspam	Invalid user abel from 134.209.106.64 port 37554	2019-08-03 19:26:42
148.70.11.143	attackbotsspam	Aug 3 10:29:23 unicornsoft sshd\[14557\]: Invalid user aish from 148.70.11.143 Aug 3 10:29:23 unicornsoft sshd\[14557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.11.143 Aug 3 10:29:24 unicornsoft sshd\[14557\]: Failed password for invalid user aish from 148.70.11.143 port 39038 ssh2	2019-08-03 19:02:15
90.63.174.128	attackspam	Automatic report - Port Scan Attack	2019-08-03 18:54:41
51.75.147.100	attackbots	Aug 3 09:49:32 ns341937 sshd[16389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.147.100 Aug 3 09:49:35 ns341937 sshd[16389]: Failed password for invalid user matt from 51.75.147.100 port 33110 ssh2 Aug 3 09:57:41 ns341937 sshd[18073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.147.100 ...	2019-08-03 19:27:32
104.238.96.152	attackbotsspam	Automatic report - Banned IP Access	2019-08-03 19:33:18
51.75.204.92	attackbots	Aug 3 06:34:16 mail sshd\[6851\]: Failed password for root from 51.75.204.92 port 54364 ssh2 Aug 3 06:51:09 mail sshd\[7048\]: Invalid user jia from 51.75.204.92 port 34626 ...	2019-08-03 19:11:27
191.34.162.186	attackbots	2019-08-03T08:27:13.029025abusebot-7.cloudsearch.cf sshd\[15309\]: Invalid user ralf from 191.34.162.186 port 37558	2019-08-03 19:28:51
49.234.44.48	attackbots	Aug 3 10:51:21 microserver sshd[58304]: Invalid user ofsaa from 49.234.44.48 port 45964 Aug 3 10:51:21 microserver sshd[58304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.44.48 Aug 3 10:51:23 microserver sshd[58304]: Failed password for invalid user ofsaa from 49.234.44.48 port 45964 ssh2 Aug 3 10:56:39 microserver sshd[58991]: Invalid user mehaque from 49.234.44.48 port 40248 Aug 3 10:56:39 microserver sshd[58991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.44.48 Aug 3 11:07:25 microserver sshd[60367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.44.48 user=root Aug 3 11:07:28 microserver sshd[60367]: Failed password for root from 49.234.44.48 port 57002 ssh2 Aug 3 11:14:06 microserver sshd[61137]: Invalid user abt from 49.234.44.48 port 51324 Aug 3 11:14:06 microserver sshd[61137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=	2019-08-03 18:56:09
118.70.182.185	attackspambots	Aug 3 09:24:03 lnxded63 sshd[31464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.182.185	2019-08-03 19:35:17
142.93.179.95	attackbotsspam	SSH Brute Force	2019-08-03 19:37:55

Recently Reported IPs

118.174.196.31	203.205.32.58	106.233.5.58	164.163.147.231
211.113.141.75	180.212.148.35	103.43.154.83	98.95.253.127
147.32.243.98	89.136.63.69	185.55.97.148	142.67.62.56
49.23.28.242	143.32.204.2	197.175.178.126	155.151.146.124
222.90.229.194	66.85.125.64	10.33.221.111	251.34.97.199