141.211.240.249

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: University of Michigan School of Nursing

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-12 20:45:37
attackbots	Jun 12 05:42:13 ws26vmsma01 sshd[244452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.211.240.249 Jun 12 05:42:15 ws26vmsma01 sshd[244452]: Failed password for invalid user mandi from 141.211.240.249 port 56392 ssh2 ...	2020-06-12 17:08:22

Type

Details

Datetime

attackbots

Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)

2020-06-12 20:45:37

attackbots

Jun 12 05:42:13 ws26vmsma01 sshd[244452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.211.240.249
Jun 12 05:42:15 ws26vmsma01 sshd[244452]: Failed password for invalid user mandi from 141.211.240.249 port 56392 ssh2
...

2020-06-12 17:08:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.211.240.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30267
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.211.240.249.		IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061200 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 17:08:18 CST 2020
;; MSG SIZE  rcvd: 119

Host info

249.240.211.141.in-addr.arpa domain name pointer mattermost-test.nursing.umich.edu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.240.211.141.in-addr.arpa	name = mattermost-test.nursing.umich.edu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.123.42.25	attack	Unauthorized connection attempt from IP address 124.123.42.25 on Port 445(SMB)	2020-07-11 03:09:18
151.80.16.162	attackbotsspam	RDP Bruteforce	2020-07-11 02:48:06
190.153.174.162	attack	Unauthorized connection attempt from IP address 190.153.174.162 on Port 445(SMB)	2020-07-11 02:47:37
101.109.171.123	attackbots	Unauthorized connection attempt from IP address 101.109.171.123 on Port 445(SMB)	2020-07-11 03:18:57
118.25.27.102	attackspam	$f2bV_matches	2020-07-11 02:46:16
118.27.31.145	attackspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 118.27.31.145, Reason:[(sshd) Failed SSH login from 118.27.31.145 (JP/Japan/v118-27-31-145.hkbx.static.cnode.io): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-11 02:56:36
60.52.49.96	attack	Bad Request - GET /	2020-07-11 02:58:02
14.165.159.75	attackbots	Bad Request - GET /	2020-07-11 03:05:11
125.166.111.250	attackbots	Jul 10 12:31:19 IngegnereFirenze sshd[21664]: Did not receive identification string from 125.166.111.250 port 54771 ...	2020-07-11 03:12:37
170.82.246.208	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-11 03:04:13
217.111.239.37	attackbotsspam	2020-07-10T14:09:28.2916601495-001 sshd[32175]: Invalid user livio2 from 217.111.239.37 port 54272 2020-07-10T14:09:29.5961301495-001 sshd[32175]: Failed password for invalid user livio2 from 217.111.239.37 port 54272 ssh2 2020-07-10T14:12:22.8443621495-001 sshd[32248]: Invalid user user from 217.111.239.37 port 51296 2020-07-10T14:12:22.8521331495-001 sshd[32248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.111.239.37 2020-07-10T14:12:22.8443621495-001 sshd[32248]: Invalid user user from 217.111.239.37 port 51296 2020-07-10T14:12:24.7068301495-001 sshd[32248]: Failed password for invalid user user from 217.111.239.37 port 51296 ssh2 ...	2020-07-11 02:46:00
112.161.78.70	attackspam	Jul 10 12:41:38 ny01 sshd[16033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.161.78.70 Jul 10 12:41:40 ny01 sshd[16033]: Failed password for invalid user malika from 112.161.78.70 port 44571 ssh2 Jul 10 12:43:36 ny01 sshd[16278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.161.78.70	2020-07-11 03:07:14
111.231.192.88	attackspambots	Wordpress attack - GET /wp-login.php	2020-07-11 02:50:12
218.92.0.191	attackspambots	Jul 10 20:42:24 dcd-gentoo sshd[9906]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jul 10 20:42:26 dcd-gentoo sshd[9906]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jul 10 20:42:26 dcd-gentoo sshd[9906]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 38800 ssh2 ...	2020-07-11 02:51:36
103.81.86.49	attackspambots	SSH Brute-Force. Ports scanning.	2020-07-11 03:10:19

Recently Reported IPs

114.90.94.139	156.96.118.39	103.41.28.113	220.135.199.91
113.88.158.189	110.184.181.42	84.17.49.199	217.19.31.84
200.26.228.24	162.243.136.243	203.156.216.100	45.78.29.88
216.170.112.205	145.255.21.213	123.25.116.189	105.89.211.117
210.59.147.127	39.59.55.232	192.35.168.168	34.219.225.164