192.241.214.52

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	TCP (SYN) 192.241.214.52:52200 -> port 445, len 40	2020-07-14 04:30:51

Comments on same subnet:

IP	Type	Details	Datetime
192.241.214.48	attack	firewall-block, port(s): 6379/tcp	2020-10-08 06:39:57
192.241.214.142	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 01:02:48
192.241.214.48	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 9042 resulting in total of 71 scans from 192.241.128.0/17 block.	2020-10-07 23:00:58
192.241.214.142	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 17:11:35
192.241.214.48	attack	Metasploit VxWorks WDB Agent Scanner Detection	2020-10-07 15:06:12
192.241.214.46	attackbotsspam	192.241.214.46 - - - [06/Oct/2020:19:51:34 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-10-07 03:06:02
192.241.214.46	attack	389/tcp 5903/tcp 3306/tcp... [2020-09-16/10-06]21pkt,19pt.(tcp),1pt.(udp)	2020-10-06 19:05:49
192.241.214.172	attack	TCP port : 5984	2020-10-05 21:39:21
192.241.214.172	attack	Port scan: Attack repeated for 24 hours	2020-10-05 13:33:03
192.241.214.172	attack	Port Scan ...	2020-10-04 05:41:00
192.241.214.172	attack	TCP (SYN) 192.241.214.172:46488 -> port 58950, len 44	2020-10-03 13:22:37
192.241.214.165	attack	Found on CINS badguys / proto=6 . srcport=52605 . dstport=49152 . (1011)	2020-10-02 02:18:43
192.241.214.165	attack	8140/tcp 58836/tcp 179/tcp... [2020-09-18/10-01]13pkt,11pt.(tcp),1pt.(udp)	2020-10-01 18:27:01
192.241.214.210	attackbotsspam	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-10-01 04:32:56
192.241.214.210	attack	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-09-30 20:45:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.241.214.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40051
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.241.214.52.			IN	A

;; AUTHORITY SECTION:
.			251	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071301 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 14 04:30:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

52.214.241.192.in-addr.arpa domain name pointer zg-0708a-59.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.214.241.192.in-addr.arpa	name = zg-0708a-59.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.66	attack	Dec 28 19:54:13 firewall sshd[27949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.66 user=root Dec 28 19:54:14 firewall sshd[27949]: Failed password for root from 49.88.112.66 port 54367 ssh2 Dec 28 19:54:17 firewall sshd[27949]: Failed password for root from 49.88.112.66 port 54367 ssh2 ...	2019-12-29 07:26:03
50.62.208.74	attack	Automatic report - XMLRPC Attack	2019-12-29 07:56:18
91.119.83.71	attack	Lines containing failures of 91.119.83.71 Dec 28 16:07:31 kmh-vmh-001-fsn05 sshd[29564]: Invalid user www from 91.119.83.71 port 41427 Dec 28 16:07:31 kmh-vmh-001-fsn05 sshd[29564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.119.83.71 Dec 28 16:07:33 kmh-vmh-001-fsn05 sshd[29564]: Failed password for invalid user www from 91.119.83.71 port 41427 ssh2 Dec 28 16:07:35 kmh-vmh-001-fsn05 sshd[29564]: Received disconnect from 91.119.83.71 port 41427:11: Bye Bye [preauth] Dec 28 16:07:35 kmh-vmh-001-fsn05 sshd[29564]: Disconnected from invalid user www 91.119.83.71 port 41427 [preauth] Dec 28 16:24:28 kmh-vmh-001-fsn05 sshd[32380]: Invalid user stalin from 91.119.83.71 port 64697 Dec 28 16:24:28 kmh-vmh-001-fsn05 sshd[32380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.119.83.71 Dec 28 16:24:30 kmh-vmh-001-fsn05 sshd[32380]: Failed password for invalid user stalin from 91.119.83.71........ ------------------------------	2019-12-29 07:35:37
67.55.118.171	attackspam	Automatic report - XMLRPC Attack	2019-12-29 07:25:40
222.186.175.155	attack	Dec 28 13:25:14 sachi sshd\[11881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Dec 28 13:25:16 sachi sshd\[11881\]: Failed password for root from 222.186.175.155 port 63396 ssh2 Dec 28 13:25:32 sachi sshd\[11891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Dec 28 13:25:34 sachi sshd\[11891\]: Failed password for root from 222.186.175.155 port 19952 ssh2 Dec 28 13:25:38 sachi sshd\[11891\]: Failed password for root from 222.186.175.155 port 19952 ssh2	2019-12-29 07:27:06
49.68.61.158	attackspambots	Dec 28 23:37:08 grey postfix/smtpd\[9930\]: NOQUEUE: reject: RCPT from unknown\[49.68.61.158\]: 554 5.7.1 Service unavailable\; Client host \[49.68.61.158\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[49.68.61.158\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-29 07:32:09
196.52.43.131	attackspam	Unauthorized connection attempt detected from IP address 196.52.43.131 to port 22	2019-12-29 07:57:41
119.254.12.66	attackspambots	Dec 28 18:10:13 plusreed sshd[3106]: Invalid user search from 119.254.12.66 ...	2019-12-29 07:28:51
157.245.184.146	attack	RDP Brute-Force (Grieskirchen RZ1)	2019-12-29 07:40:24
151.217.70.218	attackbots	firewall-block, port(s): 5900/tcp	2019-12-29 07:57:11
62.234.83.138	attack	Dec 29 00:31:08 vps691689 sshd[13597]: Failed password for root from 62.234.83.138 port 36890 ssh2 Dec 29 00:33:45 vps691689 sshd[13690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.83.138 ...	2019-12-29 07:46:09
201.27.137.59	attackbotsspam	Unauthorized connection attempt detected from IP address 201.27.137.59 to port 81	2019-12-29 08:03:20
122.51.73.25	attackbotsspam	Lines containing failures of 122.51.73.25 Dec 23 11:14:23 MAKserver06 sshd[21640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.73.25 user=mysql Dec 23 11:14:25 MAKserver06 sshd[21640]: Failed password for mysql from 122.51.73.25 port 45300 ssh2 Dec 23 11:14:27 MAKserver06 sshd[21640]: Received disconnect from 122.51.73.25 port 45300:11: Bye Bye [preauth] Dec 23 11:14:27 MAKserver06 sshd[21640]: Disconnected from authenticating user mysql 122.51.73.25 port 45300 [preauth] Dec 23 11:43:09 MAKserver06 sshd[5091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.73.25 user=r.r Dec 23 11:43:11 MAKserver06 sshd[5091]: Failed password for r.r from 122.51.73.25 port 44272 ssh2 Dec 23 11:43:11 MAKserver06 sshd[5091]: Received disconnect from 122.51.73.25 port 44272:11: Bye Bye [preauth] Dec 23 11:43:11 MAKserver06 sshd[5091]: Disconnected from authenticating user r.r 122.51.73.25 po........ ------------------------------	2019-12-29 07:52:30
49.233.183.7	attackbots	Dec 29 00:31:08 ns3110291 sshd\[7948\]: Invalid user wagstaff from 49.233.183.7 Dec 29 00:31:08 ns3110291 sshd\[7948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.183.7 Dec 29 00:31:09 ns3110291 sshd\[7948\]: Failed password for invalid user wagstaff from 49.233.183.7 port 48608 ssh2 Dec 29 00:34:26 ns3110291 sshd\[8068\]: Invalid user agodawski from 49.233.183.7 Dec 29 00:34:26 ns3110291 sshd\[8068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.183.7 ...	2019-12-29 07:50:28
114.204.218.154	attackspam	Dec 28 23:51:11 51-15-180-239 sshd[26503]: Invalid user test from 114.204.218.154 port 48187 ...	2019-12-29 07:42:21

Recently Reported IPs

13.238.154.159	137.247.187.202	113.104.226.1	181.57.205.82
8.17.206.208	85.254.75.188	46.46.42.160	118.172.205.94
37.144.112.187	202.55.184.18	14.163.32.108	190.186.194.74
107.151.81.4	192.241.235.145	186.4.160.250	177.153.19.188
161.202.162.180	77.109.30.115	104.99.29.143	114.199.118.74