192.241.214.163

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
192.241.214.48	attack	firewall-block, port(s): 6379/tcp	2020-10-08 06:39:57
192.241.214.142	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 01:02:48
192.241.214.48	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 9042 resulting in total of 71 scans from 192.241.128.0/17 block.	2020-10-07 23:00:58
192.241.214.142	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 17:11:35
192.241.214.48	attack	Metasploit VxWorks WDB Agent Scanner Detection	2020-10-07 15:06:12
192.241.214.46	attackbotsspam	192.241.214.46 - - - [06/Oct/2020:19:51:34 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-10-07 03:06:02
192.241.214.46	attack	389/tcp 5903/tcp 3306/tcp... [2020-09-16/10-06]21pkt,19pt.(tcp),1pt.(udp)	2020-10-06 19:05:49
192.241.214.172	attack	TCP port : 5984	2020-10-05 21:39:21
192.241.214.172	attack	Port scan: Attack repeated for 24 hours	2020-10-05 13:33:03
192.241.214.172	attack	Port Scan ...	2020-10-04 05:41:00
192.241.214.172	attack	TCP (SYN) 192.241.214.172:46488 -> port 58950, len 44	2020-10-03 13:22:37
192.241.214.165	attack	Found on CINS badguys / proto=6 . srcport=52605 . dstport=49152 . (1011)	2020-10-02 02:18:43
192.241.214.165	attack	8140/tcp 58836/tcp 179/tcp... [2020-09-18/10-01]13pkt,11pt.(tcp),1pt.(udp)	2020-10-01 18:27:01
192.241.214.210	attackbotsspam	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-10-01 04:32:56
192.241.214.210	attack	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-09-30 20:45:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.241.214.163
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;192.241.214.163.		IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062400 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 24 13:55:26 CST 2022
;; MSG SIZE  rcvd: 108

Host info

163.214.241.192.in-addr.arpa domain name pointer zg-0421b-128.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
163.214.241.192.in-addr.arpa	name = zg-0421b-128.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.154.67.65	attack	$f2bV_matches	2020-04-04 21:15:02
61.50.133.43	attack	CN_MAINT-CNCGROUP-BJ_<177>1586007718 [1:2403402:56467] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 52 [Classification: Misc Attack] [Priority: 2]: {TCP} 61.50.133.43:18863	2020-04-04 21:45:32
109.66.94.192	attackspambots	Hits on port : 4567	2020-04-04 21:12:52
106.13.97.110	attackbotsspam	Apr 4 11:50:03 nxxxxxxx sshd[3493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.110 user=r.r Apr 4 11:50:05 nxxxxxxx sshd[3493]: Failed password for r.r from 106.13.97.110 port 38704 ssh2 Apr 4 11:50:05 nxxxxxxx sshd[3493]: Received disconnect from 106.13.97.110: 11: Bye Bye [preauth] Apr 4 11:54:08 nxxxxxxx sshd[3980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.110 user=r.r Apr 4 11:54:10 nxxxxxxx sshd[3980]: Failed password for r.r from 106.13.97.110 port 51016 ssh2 Apr 4 11:54:10 nxxxxxxx sshd[3980]: Received disconnect from 106.13.97.110: 11: Bye Bye [preauth] Apr 4 11:56:41 nxxxxxxx sshd[4190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.110 user=r.r Apr 4 11:56:43 nxxxxxxx sshd[4190]: Failed password for r.r from 106.13.97.110 port 48116 ssh2 Apr 4 11:56:43 nxxxxxxx sshd[4190]: Received disco........ -------------------------------	2020-04-04 21:53:34
106.13.47.237	attackbots	Apr 4 06:53:33 host01 sshd[1314]: Failed password for root from 106.13.47.237 port 46520 ssh2 Apr 4 06:56:57 host01 sshd[2024]: Failed password for root from 106.13.47.237 port 56652 ssh2 ...	2020-04-04 21:16:13
103.254.198.67	attackbotsspam	sshd jail - ssh hack attempt	2020-04-04 21:33:35
183.88.243.132	attack	failed_logins	2020-04-04 21:18:45
185.7.192.139	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-04 21:50:56
122.114.88.206	attackspam	$f2bV_matches	2020-04-04 21:23:16
103.91.53.30	attack	2020-04-04T13:05:14.568254dmca.cloudsearch.cf sshd[5169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.53.30 user=root 2020-04-04T13:05:16.704505dmca.cloudsearch.cf sshd[5169]: Failed password for root from 103.91.53.30 port 46502 ssh2 2020-04-04T13:08:59.705931dmca.cloudsearch.cf sshd[5455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.53.30 user=root 2020-04-04T13:09:01.731382dmca.cloudsearch.cf sshd[5455]: Failed password for root from 103.91.53.30 port 37172 ssh2 2020-04-04T13:11:28.182010dmca.cloudsearch.cf sshd[5650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.53.30 user=root 2020-04-04T13:11:30.328290dmca.cloudsearch.cf sshd[5650]: Failed password for root from 103.91.53.30 port 40964 ssh2 2020-04-04T13:13:45.695325dmca.cloudsearch.cf sshd[5907]: Invalid user yangtingwei from 103.91.53.30 port 44766 ...	2020-04-04 21:23:42
54.38.190.48	attack	Apr 4 09:10:51 [HOSTNAME] sshd[24075]: User removed from 54.38.190.48 not allowed because not listed in AllowUsers Apr 4 09:10:51 [HOSTNAME] sshd[24075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.190.48 user=removed Apr 4 09:10:52 [HOSTNAME] sshd[24075]: Failed password for invalid user removed from 54.38.190.48 port 49946 ssh2 ...	2020-04-04 21:36:55
202.102.79.232	attackspam	Apr 4 12:43:12 host5 sshd[28354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.102.79.232 user=root Apr 4 12:43:14 host5 sshd[28354]: Failed password for root from 202.102.79.232 port 31961 ssh2 ...	2020-04-04 21:15:48
95.128.137.176	attack	$f2bV_matches	2020-04-04 21:12:13
119.200.178.6	attackspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-04-04 21:46:43
111.241.193.49	attack	1585972135 - 04/04/2020 05:48:55 Host: 111.241.193.49/111.241.193.49 Port: 445 TCP Blocked	2020-04-04 21:21:05

Recently Reported IPs

177.130.104.161	34.95.157.75	46.41.139.30	137.226.143.254
137.226.144.28	137.226.60.145	137.226.60.158	137.226.7.205
137.226.5.92	137.226.28.176	186.47.75.174	137.226.60.228
5.167.69.126	60.113.120.161	5.167.70.43	181.198.62.154
5.167.69.213	34.217.236.66	137.226.7.31	5.167.71.16