192.241.214.114

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	03/09/2020-23:51:30.824593 192.241.214.114 Protocol: 17 GPL SNMP public access udp	2020-03-10 15:33:15

Comments on same subnet:

IP	Type	Details	Datetime
192.241.214.48	attack	firewall-block, port(s): 6379/tcp	2020-10-08 06:39:57
192.241.214.142	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 01:02:48
192.241.214.48	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 9042 resulting in total of 71 scans from 192.241.128.0/17 block.	2020-10-07 23:00:58
192.241.214.142	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 17:11:35
192.241.214.48	attack	Metasploit VxWorks WDB Agent Scanner Detection	2020-10-07 15:06:12
192.241.214.46	attackbotsspam	192.241.214.46 - - - [06/Oct/2020:19:51:34 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-10-07 03:06:02
192.241.214.46	attack	389/tcp 5903/tcp 3306/tcp... [2020-09-16/10-06]21pkt,19pt.(tcp),1pt.(udp)	2020-10-06 19:05:49
192.241.214.172	attack	TCP port : 5984	2020-10-05 21:39:21
192.241.214.172	attack	Port scan: Attack repeated for 24 hours	2020-10-05 13:33:03
192.241.214.172	attack	Port Scan ...	2020-10-04 05:41:00
192.241.214.172	attack	TCP (SYN) 192.241.214.172:46488 -> port 58950, len 44	2020-10-03 13:22:37
192.241.214.165	attack	Found on CINS badguys / proto=6 . srcport=52605 . dstport=49152 . (1011)	2020-10-02 02:18:43
192.241.214.165	attack	8140/tcp 58836/tcp 179/tcp... [2020-09-18/10-01]13pkt,11pt.(tcp),1pt.(udp)	2020-10-01 18:27:01
192.241.214.210	attackbotsspam	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-10-01 04:32:56
192.241.214.210	attack	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-09-30 20:45:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.241.214.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63869
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.241.214.114.		IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031000 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 10 15:33:10 CST 2020
;; MSG SIZE  rcvd: 119

Host info

114.214.241.192.in-addr.arpa domain name pointer zg-0229i-329.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
114.214.241.192.in-addr.arpa	name = zg-0229i-329.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.130.242.68	attackspam	Feb 27 21:56:31 marvibiene sshd[8025]: Invalid user fisnet from 203.130.242.68 port 53616 Feb 27 21:56:31 marvibiene sshd[8025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Feb 27 21:56:31 marvibiene sshd[8025]: Invalid user fisnet from 203.130.242.68 port 53616 Feb 27 21:56:33 marvibiene sshd[8025]: Failed password for invalid user fisnet from 203.130.242.68 port 53616 ssh2 ...	2020-02-28 06:17:59
185.143.223.173	attackspambots	Feb 27 21:53:40 grey postfix/smtpd\[23308\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.173\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.173\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.173\]\; from=\ to=\ proto=ESMTP helo=\<\[185.143.223.170\]\>Feb 27 21:53:40 grey postfix/smtpd\[23308\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.173\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.173\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.173\]\; from=\ to=\ proto=ESMTP helo=\<\[185.143.223.170\]\> ...	2020-02-28 06:07:44
49.88.112.112	attack	February 27 2020, 22:33:10 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban.	2020-02-28 06:33:16
128.199.186.14	attackbots	VNC brute force attack detected by fail2ban	2020-02-28 06:06:38
188.162.231.81	attackbots	suspicious action Thu, 27 Feb 2020 11:18:53 -0300	2020-02-28 06:11:08
107.174.244.116	attackbotsspam	$f2bV_matches	2020-02-28 06:22:26
177.106.145.133	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-02-28 06:27:32
188.162.186.195	attack	1582813101 - 02/27/2020 15:18:21 Host: 188.162.186.195/188.162.186.195 Port: 445 TCP Blocked	2020-02-28 06:26:30
122.116.13.209	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-02-28 06:13:47
108.29.77.74	attackbotsspam	suspicious action Thu, 27 Feb 2020 11:18:06 -0300	2020-02-28 06:35:39
49.88.112.74	attack	Feb 27 20:24:39 MK-Soft-VM7 sshd[9204]: Failed password for root from 49.88.112.74 port 60753 ssh2 Feb 27 20:24:41 MK-Soft-VM7 sshd[9204]: Failed password for root from 49.88.112.74 port 60753 ssh2 ...	2020-02-28 06:37:30
106.12.159.235	attackbotsspam	Feb 27 10:29:36 php1 sshd\[20501\]: Invalid user user from 106.12.159.235 Feb 27 10:29:36 php1 sshd\[20501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.159.235 Feb 27 10:29:38 php1 sshd\[20501\]: Failed password for invalid user user from 106.12.159.235 port 33084 ssh2 Feb 27 10:36:24 php1 sshd\[21186\]: Invalid user admin from 106.12.159.235 Feb 27 10:36:24 php1 sshd\[21186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.159.235	2020-02-28 06:36:24
94.97.249.97	attackspambots	Unauthorized connection attempt detected from IP address 94.97.249.97 to port 445	2020-02-28 06:17:47
217.26.213.71	attack	Trojan detected from mail	2020-02-28 06:00:57
73.142.31.185	attackbotsspam	DATE:2020-02-27 15:16:51, IP:73.142.31.185, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-28 06:03:11

Recently Reported IPs

113.170.223.225	69.94.134.252	63.82.48.169	63.82.48.30
63.81.87.142	45.146.202.245	55.213.141.133	13.79.184.116
209.141.52.137	5.156.117.199	116.97.73.81	188.166.61.152
117.247.91.189	123.16.252.113	195.58.57.118	192.210.177.242
210.179.127.134	103.141.253.2	198.46.177.58	179.36.116.37