141.212.123.200

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: University of Michigan College of Engineering

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-06 02:31:35

Comments on same subnet:

IP	Type	Details	Datetime
141.212.123.188	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: researchscan698.eecs.umich.edu.	2020-10-09 03:48:51
141.212.123.188	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: researchscan698.eecs.umich.edu.	2020-10-08 19:55:32
141.212.123.185	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=45667 . dstport=53 DNS . (3556)	2020-10-06 05:09:59
141.212.123.185	attackbots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=45667 . dstport=53 DNS . (3556)	2020-10-05 21:14:30
141.212.123.185	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=45667 . dstport=53 DNS . (3556)	2020-10-05 13:04:54
141.212.123.185	attackbotsspam	UDP 141.212.123.185:39399 -> port 53, len 76	2020-09-22 03:42:16
141.212.123.190	attack	20-Sep-2020 12:01:52.874 client @0x7f63dae4bda0 141.212.123.190#60972 (researchscan541.eecs.umich.edu): query (cache) 'researchscan541.eecs.umich.edu/A/IN' denied	2020-09-21 22:41:19
141.212.123.185	attackbotsspam	UDP 141.212.123.185:39399 -> port 53, len 76	2020-09-21 19:29:05
141.212.123.190	attack	20-Sep-2020 12:01:52.874 client @0x7f63dae4bda0 141.212.123.190#60972 (researchscan541.eecs.umich.edu): query (cache) 'researchscan541.eecs.umich.edu/A/IN' denied	2020-09-21 14:27:35
141.212.123.190	attackspambots	20-Sep-2020 12:01:52.874 client @0x7f63dae4bda0 141.212.123.190#60972 (researchscan541.eecs.umich.edu): query (cache) 'researchscan541.eecs.umich.edu/A/IN' denied	2020-09-21 06:16:44
141.212.123.186	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-14 21:27:45
141.212.123.186	attack	UDP 141.212.123.186:49625 -> port 53, len 76	2020-09-14 05:20:55
141.212.123.189	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-03 23:57:21
141.212.123.188	attack	UDP 141.212.123.188:55449 -> port 53, len 76	2020-09-03 23:07:50
141.212.123.189	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-03 15:27:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.212.123.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17218
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.212.123.200.		IN	A

;; AUTHORITY SECTION:
.			323	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020500 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 02:31:30 CST 2020
;; MSG SIZE  rcvd: 119

Host info

200.123.212.141.in-addr.arpa domain name pointer researchscan710.eecs.umich.edu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
200.123.212.141.in-addr.arpa	name = researchscan710.eecs.umich.edu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.74.227	attackspambots	May 31 11:36:16 sshd\[31978\]: User root from 159.203.74.227 not allowed because not listed in AllowUsersMay 31 11:36:18 sshd\[31978\]: Failed password for invalid user root from 159.203.74.227 port 53800 ssh2 ...	2020-05-31 18:06:04
122.51.83.4	attackspambots	May 31 05:41:34 minden010 sshd[8559]: Failed password for root from 122.51.83.4 port 42396 ssh2 May 31 05:49:08 minden010 sshd[11049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.83.4 May 31 05:49:10 minden010 sshd[11049]: Failed password for invalid user default from 122.51.83.4 port 33822 ssh2 ...	2020-05-31 17:41:41
182.253.68.122	attackbotsspam	May 31 11:48:36 eventyay sshd[21345]: Failed password for root from 182.253.68.122 port 36680 ssh2 May 31 11:52:45 eventyay sshd[21458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.68.122 May 31 11:52:48 eventyay sshd[21458]: Failed password for invalid user student from 182.253.68.122 port 41922 ssh2 ...	2020-05-31 18:04:00
49.233.165.151	attack	May 31 11:11:19 gw1 sshd[16339]: Failed password for root from 49.233.165.151 port 59656 ssh2 ...	2020-05-31 17:50:51
222.105.177.33	attack	k+ssh-bruteforce	2020-05-31 17:47:39
138.197.43.206	attackspambots	138.197.43.206 - - [31/May/2020:05:49:22 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.43.206 - - [31/May/2020:05:49:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.43.206 - - [31/May/2020:05:49:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-31 17:36:31
82.64.153.14	attackbotsspam	May 31 05:30:59 ip-172-31-61-156 sshd[32093]: Failed password for root from 82.64.153.14 port 54896 ssh2 May 31 05:30:56 ip-172-31-61-156 sshd[32093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.153.14 user=root May 31 05:30:59 ip-172-31-61-156 sshd[32093]: Failed password for root from 82.64.153.14 port 54896 ssh2 May 31 05:33:51 ip-172-31-61-156 sshd[32234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.153.14 user=root May 31 05:33:54 ip-172-31-61-156 sshd[32234]: Failed password for root from 82.64.153.14 port 49962 ssh2 ...	2020-05-31 18:05:47
222.186.15.115	attackbotsspam	May 31 05:38:21 plusreed sshd[29162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root May 31 05:38:23 plusreed sshd[29162]: Failed password for root from 222.186.15.115 port 18130 ssh2 ...	2020-05-31 17:47:10
121.69.89.78	attackspambots	Invalid user Root123 from 121.69.89.78 port 48338	2020-05-31 18:00:43
191.30.83.105	attackspambots	Port probing on unauthorized port 445	2020-05-31 17:28:52
171.220.241.115	attackspambots	Invalid user admin from 171.220.241.115 port 41302	2020-05-31 17:45:23
89.248.168.51	attackbots	firewall-block, port(s): 195/tcp, 444/tcp	2020-05-31 17:33:38
186.224.238.253	attack	$f2bV_matches	2020-05-31 18:03:04
61.175.134.190	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-31 18:02:08
5.133.146.167	attackspambots	Hits on port : 445	2020-05-31 17:51:28

Recently Reported IPs

36.82.100.251	2.89.183.131	194.187.251.115	182.253.253.31
101.96.120.177	123.126.82.7	14.191.68.94	118.201.195.226
119.92.251.105	113.187.177.250	140.238.163.130	120.131.3.89
166.223.21.148	59.92.179.18	192.126.160.129	42.213.249.166
14.236.147.6	49.15.48.90	159.65.155.255	71.70.185.44