198.54.114.242

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
198.54.114.169	attackspam	This IOC was found in a github gist: https://gist.github.com/b66feefc03dc4c17d0b7d16ca4158374 with the title "a list of ebay phishing domains that i discovered when combing through certificate data (through the .top TLD) " by ANeilan For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-06-19 21:06:56
198.54.114.47	attack	Wordpress hack xmlrpc.php	2020-05-09 18:25:20
198.54.114.94	attack	xmlrpc attack	2020-05-09 16:15:12
198.54.114.34	attackspam	xmlrpc attack	2020-05-08 03:00:54
198.54.114.41	attackbotsspam	IP blocked	2020-05-07 20:57:23
198.54.114.76	attackspambots	IP blocked	2020-05-07 20:56:05
198.54.114.34	attack	xmlrpc attack	2020-04-22 15:19:34
198.54.114.33	attackbots	$f2bV_matches	2020-03-31 20:44:13
198.54.114.108	attackspam	xmlrpc attack	2020-03-13 13:18:39
198.54.114.112	attackbotsspam	WEB_SERVER 403 Forbidden	2019-11-06 03:03:22
198.54.114.17	attackbots	?page=2+-6863+union+all+select+1,1,1,1,1,1,1,CONCAT(0x3a6f79753a,0x4244764877697569706b,0x3a70687a3a)%23	2019-11-02 00:21:48
198.54.114.112	attack	xmlrpc attack	2019-10-22 02:44:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 198.54.114.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3077
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;198.54.114.242.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 22:56:45 CST 2022
;; MSG SIZE  rcvd: 107

Host info

242.114.54.198.in-addr.arpa domain name pointer server233-1.web-hosting.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.114.54.198.in-addr.arpa	name = server233-1.web-hosting.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.52.234	attackbots	Sep 29 16:40:19 lnxded63 sshd[15930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234	2019-09-29 22:57:13
220.133.145.28	attack	34567/tcp 34567/tcp [2019-09-03/29]2pkt	2019-09-29 22:55:09
49.88.112.80	attackbots	Sep 29 20:22:59 areeb-Workstation sshd[28233]: Failed password for root from 49.88.112.80 port 60556 ssh2 Sep 29 20:23:00 areeb-Workstation sshd[28233]: Failed password for root from 49.88.112.80 port 60556 ssh2 ...	2019-09-29 22:53:15
124.93.2.233	attackspam	ssh failed login	2019-09-29 22:56:37
51.75.171.150	attackbotsspam	2019-09-29T14:02:50.978652lon01.zurich-datacenter.net sshd\[10701\]: Invalid user vweru from 51.75.171.150 port 58214 2019-09-29T14:02:50.985794lon01.zurich-datacenter.net sshd\[10701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.ip-51-75-171.eu 2019-09-29T14:02:53.014998lon01.zurich-datacenter.net sshd\[10701\]: Failed password for invalid user vweru from 51.75.171.150 port 58214 ssh2 2019-09-29T14:07:04.067313lon01.zurich-datacenter.net sshd\[10802\]: Invalid user kristine from 51.75.171.150 port 42420 2019-09-29T14:07:04.074504lon01.zurich-datacenter.net sshd\[10802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.ip-51-75-171.eu ...	2019-09-29 22:58:07
113.131.125.133	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-29 23:41:26
103.3.226.228	attackspam	Sep 29 14:25:45 mail sshd\[18893\]: Invalid user finn from 103.3.226.228 Sep 29 14:25:45 mail sshd\[18893\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.228 Sep 29 14:25:47 mail sshd\[18893\]: Failed password for invalid user finn from 103.3.226.228 port 50664 ssh2 ...	2019-09-29 23:22:38
46.39.238.205	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/46.39.238.205/ RU - 1H : (906) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN29124 IP : 46.39.238.205 CIDR : 46.39.232.0/21 PREFIX COUNT : 43 UNIQUE IP COUNT : 130816 WYKRYTE ATAKI Z ASN29124 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 INFO : Port SERVER 80 Scan Detected and Blocked by ADMIN - data recovery	2019-09-29 23:04:02
76.186.81.229	attack	Sep 29 14:57:17 eventyay sshd[19812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.186.81.229 Sep 29 14:57:19 eventyay sshd[19812]: Failed password for invalid user romain from 76.186.81.229 port 55992 ssh2 Sep 29 15:02:26 eventyay sshd[19920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.186.81.229 ...	2019-09-29 22:51:55
37.195.112.141	attack	445/tcp 445/tcp [2019-08-21/09-29]2pkt	2019-09-29 22:53:34
139.219.15.178	attackspambots	Sep 29 14:00:58 OPSO sshd\[32347\]: Invalid user webmail from 139.219.15.178 port 35332 Sep 29 14:00:58 OPSO sshd\[32347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.15.178 Sep 29 14:01:00 OPSO sshd\[32347\]: Failed password for invalid user webmail from 139.219.15.178 port 35332 ssh2 Sep 29 14:06:59 OPSO sshd\[774\]: Invalid user mcserver from 139.219.15.178 port 46834 Sep 29 14:06:59 OPSO sshd\[774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.15.178	2019-09-29 23:01:11
220.117.175.165	attackbots	Sep 29 04:56:27 friendsofhawaii sshd\[17685\]: Invalid user anna from 220.117.175.165 Sep 29 04:56:27 friendsofhawaii sshd\[17685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.117.175.165 Sep 29 04:56:28 friendsofhawaii sshd\[17685\]: Failed password for invalid user anna from 220.117.175.165 port 48884 ssh2 Sep 29 05:02:14 friendsofhawaii sshd\[18222\]: Invalid user jefferson from 220.117.175.165 Sep 29 05:02:14 friendsofhawaii sshd\[18222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.117.175.165	2019-09-29 23:14:23
190.252.253.108	attack	Sep 29 14:06:13 nextcloud sshd\[513\]: Invalid user foxi from 190.252.253.108 Sep 29 14:06:13 nextcloud sshd\[513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.252.253.108 Sep 29 14:06:15 nextcloud sshd\[513\]: Failed password for invalid user foxi from 190.252.253.108 port 44936 ssh2 ...	2019-09-29 23:40:47
91.134.153.144	attack	Sep 29 03:22:31 hcbb sshd\[6700\]: Invalid user wei1 from 91.134.153.144 Sep 29 03:22:31 hcbb sshd\[6700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.153.144 Sep 29 03:22:33 hcbb sshd\[6700\]: Failed password for invalid user wei1 from 91.134.153.144 port 52914 ssh2 Sep 29 03:26:46 hcbb sshd\[7106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.153.144 user=root Sep 29 03:26:49 hcbb sshd\[7106\]: Failed password for root from 91.134.153.144 port 41348 ssh2	2019-09-29 23:16:15
121.191.34.71	attackspam	2323/tcp 23/tcp... [2019-08-04/09-29]8pkt,2pt.(tcp)	2019-09-29 22:56:55

Recently Reported IPs

198.54.114.240	198.54.114.244	198.54.114.243	198.54.114.248
198.54.114.66	198.54.114.249	198.54.115.10	198.54.115.110
198.54.115.103	198.54.114.246	198.54.115.111	198.54.115.114
198.54.115.115	198.54.115.116	198.54.115.130	198.54.115.131
198.54.115.133	198.54.115.125	198.54.115.129	198.54.115.13