🇦🇹
urnilxfgbez
2026-06-21 22:45:00
(4 hours ago)
Last 24 Hours suspicious: (DPT=445|DPT=3389|DPT=22|DPT=3306|DPT=8080|DPT=23|DPT=5900|DPT=1433)
Port Scan
🇨🇭
NV
2026-06-21 04:49:55
(22 hours ago)
Invalid user admin from 141.98.199.231 port 55254
Brute-Force
SSH
🇸🇬
drewf.ink
2026-06-21 02:14:20
(1 day ago)
[02:14] Port scanning. Port(s) scanned: TCP/2375
Port Scan
🇺🇸
TPI-Abuse
2026-06-21 02:06:00
(1 day ago)
(mod_security) mod_security (id:218420) triggered by 141.98.199.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 22:05:54.108795 2026] [security2:error] [pid 26044:tid 26044] [client 141.98.199.231:58468] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||192.64.150.105:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "192.64.150.105"] [uri "/hello.world"] [unique_id "ajdHAk9PKIZh8LWoKz6pXgAAAAM"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
MPL
2026-06-21 02:04:34
(1 day ago)
tcp port scan (6 or more attempts)
Port Scan
🇩🇪
zupan
2026-06-21 01:47:44
(1 day ago)
Blocked by UFW on vps [23/tcp] | SPT: 58613 | TTL: 47 | LEN: 40 | TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
Port Scan
IoT Targeted
Anonymous
2026-06-21 01:38:01
(1 day ago)
ET SCAN Potential SSH Scan
Port Scan
Anonymous
2026-06-21 01:37:25
(1 day ago)
2026-06-21T02:37:25.057026+01:00 vps kernel: [43745995.259652] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=141.98.199.231 DST=54.37.14.118 LEN=40 TOS=0x00 PREC=0xA0 TTL=40 ID=11583 PROTO=TCP SPT=48731 DPT=2375 WINDOW=65535 RES=0x00 SYN URGP=0
...
Port Scan
Brute-Force
🇬🇧
knock
2026-06-21 01:21:49
(1 day ago)
Knock-Knock honeypot brute-force: SSH (3 total hits)
Brute-Force
SSH
🇺🇸
MPL
2026-06-21 01:07:11
(1 day ago)
tcp/80 (2 or more attempts)
Port Scan
🇨🇭
SOC [GOLINE SA]
2026-06-21 01:04:08
(1 day ago)
FortiGate detected IPS attack from IPv4 address 141.98.199.231
Hacking
🇫🇷
Baking333
2026-06-21 00:51:59
(1 day ago)
redacted:80 141.98.199.231 - - [21/Jun/2026:01:51:54 +0100] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 488 0/787 "-" "libredtail-http"
redacted:80 141.98.199.231 - - [21/Jun/2026:01:51:57 +0100] "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" 400 488 0/147 "-" "libredtail-http"
Bad Web Bot
Web App Attack
🇨🇦
polycoda
2026-06-21 00:48:34
(1 day ago)
AutoBlock: Port 22 Scan (Non Decay-Based)
Port Scan
SSH
🇺🇸
xmission.com
2026-06-21 00:19:51
(1 day ago)
Blocked by UFW (TCP on 22)
Source port: 43416
TTL: 50
Packet length: 40
TOS: 0x00
This report (for 141.98.199.231) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
Port Scan
SSH
Brute-Force
Anonymous
2026-06-20 23:34:32
(1 day ago)
2026-06-21T01:33:51.038431+02:00 141.98.199.231:35046 http-in http-in/<NOSRV> 7/-1/-1/-1/7 410 961 - - PR-- 2/2/0/0/0 0/0 {myip:80} "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" WAF_ACTION:deny WAF_ID(s):920350,930100,930110,932230,932250,932260,949110
2026-06-21T01:33:52.544924+02:00 141.98.199.231:35054 http-in http-in/<NOSRV> 5/-1/-1/-1/5 410 961 - - PR-- 2/2/0/0/0 0/0 {myip:80} "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" WAF_ACTION:deny WAF_ID(s):920350,932230,932250,932260,949110
2026-06-21T01:33:57.104056+02:00 141.98.199.231:38414 http-in http-in/<NOSRV> 6/-1/-1/-1/6 410 961 - - PR-- 1/1/0/0/0 0/0 {myip:80} "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" WAF_ACTION:deny WAF_ID(s):920350,920250,933100,933120,933140,933150,933160,942151,949110
2026-06-21T01:34:02.332282+02:00 141.98.199
...
Web App Attack