192.241.214.99

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 192.241.214.99 to port 2077	2020-02-26 05:21:47

Comments on same subnet:

IP	Type	Details	Datetime
192.241.214.48	attack	firewall-block, port(s): 6379/tcp	2020-10-08 06:39:57
192.241.214.142	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 01:02:48
192.241.214.48	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 9042 resulting in total of 71 scans from 192.241.128.0/17 block.	2020-10-07 23:00:58
192.241.214.142	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 17:11:35
192.241.214.48	attack	Metasploit VxWorks WDB Agent Scanner Detection	2020-10-07 15:06:12
192.241.214.46	attackbotsspam	192.241.214.46 - - - [06/Oct/2020:19:51:34 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-10-07 03:06:02
192.241.214.46	attack	389/tcp 5903/tcp 3306/tcp... [2020-09-16/10-06]21pkt,19pt.(tcp),1pt.(udp)	2020-10-06 19:05:49
192.241.214.172	attack	TCP port : 5984	2020-10-05 21:39:21
192.241.214.172	attack	Port scan: Attack repeated for 24 hours	2020-10-05 13:33:03
192.241.214.172	attack	Port Scan ...	2020-10-04 05:41:00
192.241.214.172	attack	TCP (SYN) 192.241.214.172:46488 -> port 58950, len 44	2020-10-03 13:22:37
192.241.214.165	attack	Found on CINS badguys / proto=6 . srcport=52605 . dstport=49152 . (1011)	2020-10-02 02:18:43
192.241.214.165	attack	8140/tcp 58836/tcp 179/tcp... [2020-09-18/10-01]13pkt,11pt.(tcp),1pt.(udp)	2020-10-01 18:27:01
192.241.214.210	attackbotsspam	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-10-01 04:32:56
192.241.214.210	attack	Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.214.210:57630, to: 192.168.x.x:80, protocol: TCP	2020-09-30 20:45:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.241.214.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45801
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.241.214.99.			IN	A

;; AUTHORITY SECTION:
.			155	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022501 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 05:21:44 CST 2020
;; MSG SIZE  rcvd: 118

Host info

99.214.241.192.in-addr.arpa domain name pointer zg0213a-72.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.214.241.192.in-addr.arpa	name = zg0213a-72.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.16.197.149	attackspambots	Invalid user guest from 201.16.197.149 port 57124	2019-12-29 04:32:24
34.215.175.245	attackspambots	Unauthorized connection attempt detected from IP address 34.215.175.245 to port 8984	2019-12-29 04:02:20
182.61.105.104	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2019-12-29 04:24:29
190.246.205.208	attackbots	Dec 28 16:47:33 server sshd\[2444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.246.205.208 user=root Dec 28 16:47:35 server sshd\[2444\]: Failed password for root from 190.246.205.208 port 42578 ssh2 Dec 28 17:09:05 server sshd\[6367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.246.205.208 user=root Dec 28 17:09:07 server sshd\[6367\]: Failed password for root from 190.246.205.208 port 52180 ssh2 Dec 28 17:27:48 server sshd\[10266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.246.205.208 user=root ...	2019-12-29 04:15:48
190.181.2.248	attackbots	Unauthorized connection attempt detected from IP address 190.181.2.248 to port 445	2019-12-29 04:06:17
31.134.121.89	attack	Unauthorized connection attempt detected from IP address 31.134.121.89 to port 445	2019-12-29 04:02:45
203.162.2.247	attackbots	Dec 28 16:42:34 zeus sshd[32301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.162.2.247 Dec 28 16:42:36 zeus sshd[32301]: Failed password for invalid user fedder from 203.162.2.247 port 38120 ssh2 Dec 28 16:45:55 zeus sshd[32382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.162.2.247 Dec 28 16:45:56 zeus sshd[32382]: Failed password for invalid user 123456 from 203.162.2.247 port 37842 ssh2	2019-12-29 04:36:19
54.176.188.51	attack	$f2bV_matches	2019-12-29 04:13:13
106.12.98.7	attackspambots	Invalid user us from 106.12.98.7 port 51932	2019-12-29 04:10:30
202.131.126.142	attack	Dec 28 16:26:06 sshgateway sshd\[4126\]: Invalid user fleuchaus from 202.131.126.142 Dec 28 16:26:06 sshgateway sshd\[4126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.126.142 Dec 28 16:26:08 sshgateway sshd\[4126\]: Failed password for invalid user fleuchaus from 202.131.126.142 port 56758 ssh2	2019-12-29 04:21:44
181.60.78.129	attackbots	3389BruteforceFW23	2019-12-29 04:12:14
89.248.168.102	attackbotsspam	WordPress (CMS) attack attempts. Date: 2019 Dec 28. 13:07:50 Source IP: 89.248.168.102 Portion of the log(s): 89.248.168.102 - [28/Dec/2019:13:07:49 +0100] "GET /sitio/wp-login.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" 89.248.168.102 - [28/Dec/2019:13:07:49 +0100] GET /sites/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:47 +0100] GET /site/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:47 +0100] GET /news/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:47 +0100] GET /new/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:47 +0100] GET /web/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:47 +0100] GET /wpmu/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:47 +0100] GET /wp/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:46 +0100] GET /press/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:45 +0100] GET /wordpress/wp-login.php 89.248.168.102 - [28/Dec/2019:13:07:45 +0100] GET /home/wp-login.php ....	2019-12-29 04:30:22
179.181.19.113	attackbotsspam	Unauthorized connection attempt detected from IP address 179.181.19.113 to port 445	2019-12-29 04:08:25
104.37.86.14	attackbots	Attempted WordPress login: "GET /wp-login.php"	2019-12-29 04:16:34
202.107.227.42	attackspam	Fail2Ban Ban Triggered	2019-12-29 04:31:55

Recently Reported IPs

89.218.244.106	96.55.138.77	61.164.22.41	99.245.112.106
59.126.80.127	159.16.0.125	223.17.34.131	115.57.138.204
86.248.194.100	69.177.192.184	88.129.171.94	63.163.70.149
40.82.99.172	116.101.248.49	149.175.13.90	86.142.61.133
203.218.253.151	101.140.17.49	202.150.139.168	69.235.83.175