217.141.0.214 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Amica & C. S.r.l.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 01:22:17,806 INFO [shellcode_manager] (217.141.0.214) no match, writing hexdump (5fd458f17add5b0726fa4a4f5281c6eb :2249352) - MS17010 (EternalBlue)	2019-06-26 22:35:43

Type

Details

Datetime

attackspambots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 01:22:17,806 INFO [shellcode_manager] (217.141.0.214) no match, writing hexdump (5fd458f17add5b0726fa4a4f5281c6eb :2249352) - MS17010 (EternalBlue)

2019-06-26 22:35:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 217.141.0.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32975
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;217.141.0.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062600 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 22:35:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

214.0.141.217.in-addr.arpa domain name pointer host214-0-static.141-217-b.business.telecomitalia.it.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.0.141.217.in-addr.arpa	name = host214-0-static.141-217-b.business.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.71.53.34	attackspambots	Unauthorised access (Dec 22) SRC=182.71.53.34 LEN=40 TTL=247 ID=36227 TCP DPT=1433 WINDOW=1024 SYN Unauthorised access (Dec 15) SRC=182.71.53.34 LEN=40 TTL=244 ID=22288 TCP DPT=445 WINDOW=1024 SYN	2019-12-22 09:15:47
159.65.11.106	attackbots	Detected by Maltrail	2019-12-22 08:50:19
178.150.141.93	attackspambots	Registration form abuse	2019-12-22 09:07:38
51.68.226.118	attackspambots	Detected by Maltrail	2019-12-22 08:53:41
133.130.89.210	attack	SSH Brute-Force attacks	2019-12-22 09:09:43
58.216.8.186	attackbotsspam	" "	2019-12-22 08:56:22
159.203.73.181	attack	Dec 21 14:40:45 sachi sshd\[31429\]: Invalid user togasaki from 159.203.73.181 Dec 21 14:40:45 sachi sshd\[31429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=joinlincoln.org Dec 21 14:40:47 sachi sshd\[31429\]: Failed password for invalid user togasaki from 159.203.73.181 port 59744 ssh2 Dec 21 14:45:38 sachi sshd\[31819\]: Invalid user wouters from 159.203.73.181 Dec 21 14:45:38 sachi sshd\[31819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=joinlincoln.org	2019-12-22 08:58:44
107.170.124.172	attackbotsspam	Dec 21 23:39:06 l02a sshd[23077]: Invalid user nfs from 107.170.124.172 Dec 21 23:39:06 l02a sshd[23077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.124.172 Dec 21 23:39:06 l02a sshd[23077]: Invalid user nfs from 107.170.124.172 Dec 21 23:39:08 l02a sshd[23077]: Failed password for invalid user nfs from 107.170.124.172 port 55750 ssh2	2019-12-22 08:51:57
217.61.2.97	attack	Invalid user ellie from 217.61.2.97 port 49814	2019-12-22 09:07:25
50.7.8.227	attackspambots	Dec 22 03:40:01 server sshd\[505\]: Invalid user rikardsen from 50.7.8.227 Dec 22 03:40:01 server sshd\[505\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.7.8.227 Dec 22 03:40:03 server sshd\[505\]: Failed password for invalid user rikardsen from 50.7.8.227 port 34319 ssh2 Dec 22 03:50:38 server sshd\[4145\]: Invalid user key from 50.7.8.227 Dec 22 03:50:38 server sshd\[4145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.7.8.227 ...	2019-12-22 09:20:09
61.227.139.218	attack	Unauthorised access (Dec 22) SRC=61.227.139.218 LEN=52 TTL=108 ID=32183 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-22 09:14:33
218.92.0.171	attackbotsspam	Dec 21 15:11:31 php1 sshd\[32034\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Dec 21 15:11:33 php1 sshd\[32034\]: Failed password for root from 218.92.0.171 port 1404 ssh2 Dec 21 15:11:56 php1 sshd\[32071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Dec 21 15:11:58 php1 sshd\[32071\]: Failed password for root from 218.92.0.171 port 40710 ssh2 Dec 21 15:12:00 php1 sshd\[32071\]: Failed password for root from 218.92.0.171 port 40710 ssh2	2019-12-22 09:15:00
150.95.83.93	attackspam	Dec 22 01:39:48 dcd-gentoo sshd[7333]: Invalid user guest from 150.95.83.93 port 46536 Dec 22 01:41:06 dcd-gentoo sshd[7454]: Invalid user deploy from 150.95.83.93 port 48762 Dec 22 01:42:17 dcd-gentoo sshd[7523]: Invalid user demo from 150.95.83.93 port 50988 ...	2019-12-22 08:57:23
178.33.136.21	attack	Dec 22 01:38:22 MK-Soft-Root2 sshd[9213]: Failed password for root from 178.33.136.21 port 34374 ssh2 ...	2019-12-22 09:20:22
104.244.72.73	attackbotsspam	Automatically reported by fail2ban report script (powermetal_old)	2019-12-22 09:19:40

Recently Reported IPs

1.170.55.86	45.115.60.234	182.148.122.3	168.195.198.200
111.75.222.141	191.249.113.131	178.46.214.21	189.53.35.78
195.252.39.213	195.175.11.46	178.197.227.152	148.163.173.131
31.4.241.84	222.78.255.253	222.139.16.130	139.99.220.57
37.172.34.100	116.98.90.173	182.232.21.220	123.103.247.182