192.241.214.20

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Found on CINS badguys / proto=6 . srcport=38666 . dstport=4200 . (2005)	2020-09-29 01:55:52
attack	firewall-block, port(s): 109/tcp	2020-09-28 18:01:48

Comments on same subnet:

IP	Type	Details	Datetime
192.241.214.48	attack	firewall-block, port(s): 6379/tcp	2020-10-08 06:39:57
192.241.214.142	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 01:02:48
192.241.214.48	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 9042 resulting in total of 71 scans from 192.241.128.0/17 block.	2020-10-07 23:00:58
192.241.214.142	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 17:11:35
192.241.214.48	attack	Metasploit VxWorks WDB Agent Scanner Detection	2020-10-07 15:06:12
192.241.214.46	attackbotsspam	192.241.214.46 - - - [06/Oct/2020:19:51:34 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-10-07 03:06:02
192.241.214.46	attack	389/tcp 5903/tcp 3306/tcp... [2020-09-16/10-06]21pkt,19pt.(tcp),1pt.(udp)	2020-10-06 19:05:49
192.241.214.172	attack	TCP port : 5984	2020-10-05 21:39:21
192.241.214.172	attack	Port scan: Attack repeated for 24 hours	2020-10-05 13:33:03
192.241.214.172	attack	Port Scan ...	2020-10-04 05:41:00
192.241.214.172	attack	TCP (SYN) 192.241.214.172:46488 -> port 58950, len 44	2020-10-03 13:22:37
192.241.214.165	attack	Found on CINS badguys / proto=6 . srcport=52605 . dstport=49152 . (1011)	2020-10-02 02:18:43
192.241.214.165	attack	8140/tcp 58836/tcp 179/tcp... [2020-09-18/10-01]13pkt,11pt.(tcp),1pt.(udp)	2020-10-01 18:27:01
192.241.214.210	attackbotsspam	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-10-01 04:32:56
192.241.214.210	attack	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-09-30 20:45:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.241.214.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.241.214.20.			IN	A

;; AUTHORITY SECTION:
.			214	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092800 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 28 18:01:45 CST 2020
;; MSG SIZE  rcvd: 118

Host info

20.214.241.192.in-addr.arpa domain name pointer zg-0915a-49.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.214.241.192.in-addr.arpa	name = zg-0915a-49.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
221.163.8.108	attack	Dec 28 07:12:27 game-panel sshd[27979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.163.8.108 Dec 28 07:12:29 game-panel sshd[27979]: Failed password for invalid user madeline from 221.163.8.108 port 39320 ssh2 Dec 28 07:13:37 game-panel sshd[28025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.163.8.108	2019-12-28 16:43:45
222.186.180.17	attack	2019-12-28T08:48:08.170236hub.schaetter.us sshd\[9243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root 2019-12-28T08:48:10.498037hub.schaetter.us sshd\[9243\]: Failed password for root from 222.186.180.17 port 65292 ssh2 2019-12-28T08:48:13.480780hub.schaetter.us sshd\[9243\]: Failed password for root from 222.186.180.17 port 65292 ssh2 2019-12-28T08:48:16.874971hub.schaetter.us sshd\[9243\]: Failed password for root from 222.186.180.17 port 65292 ssh2 2019-12-28T08:48:20.148826hub.schaetter.us sshd\[9243\]: Failed password for root from 222.186.180.17 port 65292 ssh2 ...	2019-12-28 17:02:14
5.18.163.58	attackbotsspam	Honeypot attack, port: 23, PTR: 5x18x163x58.static-business.iz.ertelecom.ru.	2019-12-28 17:04:43
45.113.76.26	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-28 17:01:25
45.114.158.142	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-28 16:43:08
185.175.93.14	attackbotsspam	12/28/2019-09:04:23.569581 185.175.93.14 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-28 16:47:35
103.139.45.133	attack	" "	2019-12-28 16:56:30
152.32.96.165	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-28 16:51:59
167.114.226.137	attack	Dec 28 07:25:14 legacy sshd[1517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.226.137 Dec 28 07:25:16 legacy sshd[1517]: Failed password for invalid user yodha from 167.114.226.137 port 44757 ssh2 Dec 28 07:27:40 legacy sshd[1585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.226.137 ...	2019-12-28 16:39:14
122.117.224.23	attackbotsspam	Honeypot attack, port: 23, PTR: 122-117-224-23.HINET-IP.hinet.net.	2019-12-28 17:10:29
210.158.48.28	attack	Dec 28 09:21:55 server sshd\[9655\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.nansho.octv.ne.jp user=uucp Dec 28 09:21:57 server sshd\[9655\]: Failed password for uucp from 210.158.48.28 port 23895 ssh2 Dec 28 09:25:53 server sshd\[10527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.nansho.octv.ne.jp user=root Dec 28 09:25:55 server sshd\[10527\]: Failed password for root from 210.158.48.28 port 47671 ssh2 Dec 28 09:27:21 server sshd\[10685\]: Invalid user chod from 210.158.48.28 ...	2019-12-28 16:48:24
187.162.215.80	attackbotsspam	Automatic report - Port Scan Attack	2019-12-28 17:06:14
110.172.132.131	attack	12/28/2019-01:27:34.289558 110.172.132.131 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-28 16:42:09
62.168.141.253	attack	Invalid user pi from 62.168.141.253 port 58448	2019-12-28 16:37:35
218.92.0.175	attackspambots	Dec 22 22:38:44 microserver sshd[62307]: Failed none for root from 218.92.0.175 port 42954 ssh2 Dec 22 22:38:44 microserver sshd[62307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.175 user=root Dec 22 22:38:46 microserver sshd[62307]: Failed password for root from 218.92.0.175 port 42954 ssh2 Dec 22 22:38:49 microserver sshd[62307]: Failed password for root from 218.92.0.175 port 42954 ssh2 Dec 22 22:38:53 microserver sshd[62307]: Failed password for root from 218.92.0.175 port 42954 ssh2 Dec 24 15:29:38 microserver sshd[21287]: Failed none for root from 218.92.0.175 port 5223 ssh2 Dec 24 15:29:39 microserver sshd[21287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.175 user=root Dec 24 15:29:42 microserver sshd[21287]: Failed password for root from 218.92.0.175 port 5223 ssh2 Dec 24 15:29:46 microserver sshd[21287]: Failed password for root from 218.92.0.175 port 5223 ssh2 Dec 24 15:29:49 microserver s	2019-12-28 17:04:58

Recently Reported IPs

36.22.223.26	242.108.83.101	221.215.115.3	146.132.80.246
211.60.107.13	161.51.14.30	252.30.170.98	201.246.111.125
62.226.109.181	76.238.252.221	47.20.93.225	34.127.196.18
30.203.52.167	38.147.51.21	32.76.177.178	88.116.234.232
117.52.56.24	201.242.57.14	34.59.62.54	97.176.122.27