JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.98.101.182

141.98.101.182 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 53%: ?

53%

ISP	M247 LTD Manchester Infrastructure
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	m247global.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	Manchester, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.98.101.182

Whois 141.98.101.182

IP Abuse Reports for 141.98.101.182:

This IP address has been reported a total of 49 times from 24 distinct sources. 141.98.101.182 was first reported on September 6th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-19 16:03:03 (10 hours ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-19 11:57:53 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 07:57:47.987029 2026] [security2:error] [pid 20612:tid 20612] [client 141.98.101.182:44860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.garyandthegroove.com"] [uri "/.env.old"] [unique_id "ajUuuz7IsRFaglg2wD7AQQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 05:27:21 (21 hours ago)	Automated report (2026-06-19T01:27:21-04:00). Caught probing for env file.	Hacking Web App Attack
🇨🇿 lp	2026-06-18 13:51:54 (1 day ago)	Email account brute force: 1 attempts were recorded from 141.98.101.182 2026-06-18T15:22:02+02:00 wa ... show more Email account brute force: 1 attempts were recorded from 141.98.101.182 2026-06-18T15:22:02+02:00 warning: unknown[141.98.101.182]: SASL PLAIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-17 09:12:02 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:11:59.075916 2026] [security2:error] [pid 6621:tid 6621] [client 141.98.101.182:50950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.construction.bonefrog.com"] [uri "/.hermes/.env"] [unique_id "ajJk3yIVuWHmAw6Do2iC4AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-17 08:28:30 (2 days ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇬🇧 OptimusGO	2026-06-17 05:22:27 (2 days ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-17 06:22:27 UTC Log evidence: 06/17/2026-06:22:26.646014 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 141.98.101.182:43452 -> 185.127.18.66:8088 show less	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 05:13:39 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:13:34.449707 2026] [security2:error] [pid 18585:tid 18608] [client 141.98.101.182:34242] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardleeweatherman.com"] [uri "/.env.example"] [unique_id "ajDbfmPnUBEwcOOdRofTSAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 01:41:24 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 141.98.101.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:41:19.204477 2026] [security2:error] [pid 27831:tid 27831] [client 141.98.101.182:45908] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ilandman.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ilandman.com"] [uri "/telegram_messages.db"] [unique_id "ajCpvymf0vKjPtKcVziAdAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-15 23:28:26 (4 days ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇮🇹 VHosting	2026-06-12 02:17:54 (1 week ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇮🇱 spd.co.il	2026-05-22 09:04:11 (4 weeks ago)	Web application attack detected	Hacking Web App Attack
🇧🇷 dominioz	2026-05-22 01:24:47 (4 weeks ago)	141.98.101.182 [4100] 22:24:43 Authentication [SMTP] - Result=0, [email protected] ... show more 141.98.101.182 [4100] 22:24:43 Authentication [SMTP] - Result=0, [email protected], Method=2 ... show less	Brute-Force
🇧🇷 dominioz	2026-05-21 19:53:35 (4 weeks ago)	141.98.101.182 [4100] 16:53:32 Authentication [SMTP] - Result=0, [email protected] ... show more 141.98.101.182 [4100] 16:53:32 Authentication [SMTP] - Result=0, [email protected], Method=2 ... show less	Brute-Force
🇧🇷 dominioz	2026-05-21 18:45:41 (4 weeks ago)	141.98.101.182 [3CD0] 14:40:57 Authentication [SMTP] - Result=0, [email protected] ... show more 141.98.101.182 [3CD0] 14:40:57 Authentication [SMTP] - Result=0, [email protected], Method=2 141.98.101.182 [2B44] 15:45:38 Authentication [SMTP] - Result=0, [email protected], Method=2 ... show less	Brute-Force

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 2001:448a:b090:aea0:c565:2fbd:f2ba:3ac

🇧🇷 201.91.237.206

🇲🇽 187.192.86.153

🇨🇳 223.100.248.244

🇺🇸 209.50.168.85

🇳🇱 195.178.110.188

🇭🇺 193.68.57.43

🇨🇳 175.175.147.138

🇵🇰 175.107.32.186

🇺🇸 124.198.131.76

🇸🇬 114.119.144.29

🇨🇳 112.86.225.80

🇧🇩 103.76.46.152

🇺🇸 100.24.119.120

🇺🇸 64.62.197.93

🇨🇳 14.103.127.234

🇺🇸 13.89.124.220

🇬🇧 2a06:4880:6000::7d

🇰🇷 211.106.137.135

🇰🇷 165.154.52.159