DigitalOcean

[Bentley]

I have a 2019 Model S, and on April 11, 2021, beginning at 1:27 AM, I received twelve notifications (once per minute) from my Synology router with the following information: “The connection from Tesla_Model_S to 192.241.211[.]46 has been blocked for security reasons (Malicious).”

IP WHOIS Lookup shows that the IP address is registered to DigitalOcean, LLC in New York, NY.

I am not running any third-party software such as TeslaFi, etc. Does anyone know why the vehicle is reaching out to this IP address?

Thanks!

 

[rooter]

The car runs Ubongo and is trying to get the correct time. Your router is mistaken.

If you can, whitelist that IP, or get a more effective router.

 

[Tim FitzGerald]

The car runs Ubongo and is trying to get the correct time. Your router is mistaken.

If you can, whitelist that IP, or get a more effective router.

Umbongo! Don't you mean Ubuntu?

 

[rooter]

Ubongo/Ubuntu, potato/potahto, 'knock her up'/'make her pregnant', same thing.

Not much respect for the OS in my world.

 

[recluce]

That specific IP maps to mx.danb.email, which indicates a mail server running at this address. Digital Ocean is just the owner of the network on which this mail server is located, they could be contacted if the owner of that mail server really was malicious - I did not find any reports of negative reputation. But why would your Model S send emails to that server?

More information: https://dnslytics.com/ip/192.241.211.46

BTW: disregard the nonsense from rooter. While Tesla is using Linux, it is not using Ubuntu.

 

[rooter]

That specific IP maps to mx.danb.email, which indicates a mail server running at this address. Digital Ocean is just the owner of the network on which this mail server is located, they could be contacted if the owner of that mail server really was malicious - I did not find any reports of negative reputation. But why would your Model S send emails to that server?

More information: https://dnslytics.com/ip/192.241.211.46

BTW: disregard the nonsense from rooter. While Tesla is using Linux, it is not using Ubuntu.

No sh*t it's mx.danb.email. But if you had any sense you would have found that this is in the chain to Ubuntu NTP servers. No the car is not 'trying to send an email', lol.

You are wrong recluce, about several things. Putting you on Ignore. Some know just enough to be dangerous, or at least embarrass themselves. Do me a favor and put me on Ignore.

 

[petebocken]

FYI - This morning I had my Ubiquiti UDM IPS block traffic at IP 192.241.211.46:123 which resolves to mx.danb.email. It occurred on my Tesla Wall Connector. I've only had IPS enabled since Nov 9, so it's possible this NTP server check-in happens every month (if that is indeed what this is).