141.212.123.191

Basic Info

City: Ann Arbor

Region: Michigan

Country: United States

Internet Service Provider: University of Michigan College of Engineering

Hostname: unknown

Organization: University of Michigan

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan: UDP/53	2019-08-05 11:56:37

Comments on same subnet:

IP	Type	Details	Datetime
141.212.123.188	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: researchscan698.eecs.umich.edu.	2020-10-09 03:48:51
141.212.123.188	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: researchscan698.eecs.umich.edu.	2020-10-08 19:55:32
141.212.123.185	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=45667 . dstport=53 DNS . (3556)	2020-10-06 05:09:59
141.212.123.185	attackbots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=45667 . dstport=53 DNS . (3556)	2020-10-05 21:14:30
141.212.123.185	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=45667 . dstport=53 DNS . (3556)	2020-10-05 13:04:54
141.212.123.185	attackbotsspam	UDP 141.212.123.185:39399 -> port 53, len 76	2020-09-22 03:42:16
141.212.123.190	attack	20-Sep-2020 12:01:52.874 client @0x7f63dae4bda0 141.212.123.190#60972 (researchscan541.eecs.umich.edu): query (cache) 'researchscan541.eecs.umich.edu/A/IN' denied	2020-09-21 22:41:19
141.212.123.185	attackbotsspam	UDP 141.212.123.185:39399 -> port 53, len 76	2020-09-21 19:29:05
141.212.123.190	attack	20-Sep-2020 12:01:52.874 client @0x7f63dae4bda0 141.212.123.190#60972 (researchscan541.eecs.umich.edu): query (cache) 'researchscan541.eecs.umich.edu/A/IN' denied	2020-09-21 14:27:35
141.212.123.190	attackspambots	20-Sep-2020 12:01:52.874 client @0x7f63dae4bda0 141.212.123.190#60972 (researchscan541.eecs.umich.edu): query (cache) 'researchscan541.eecs.umich.edu/A/IN' denied	2020-09-21 06:16:44
141.212.123.186	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-14 21:27:45
141.212.123.186	attack	UDP 141.212.123.186:49625 -> port 53, len 76	2020-09-14 05:20:55
141.212.123.189	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-03 23:57:21
141.212.123.188	attack	UDP 141.212.123.188:55449 -> port 53, len 76	2020-09-03 23:07:50
141.212.123.189	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-03 15:27:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.212.123.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45986
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.212.123.191.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 02:54:31 CST 2019
;; MSG SIZE  rcvd: 119

Host info

191.123.212.141.in-addr.arpa domain name pointer researchscan701.eecs.umich.edu.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
191.123.212.141.in-addr.arpa	name = researchscan701.eecs.umich.edu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.111.118.66	attack	TCP port 445 (SMB) attempt blocked by firewall. [2019-07-02 15:57:19]	2019-07-03 00:37:04
181.231.55.102	attack	Trying to deliver email spam, but blocked by RBL	2019-07-03 00:40:29
202.91.82.54	attackbotsspam	$f2bV_matches	2019-07-03 01:12:10
139.99.201.74	attack	139.99.201.74 - - [02/Jul/2019:15:52:37 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.201.74 - - [02/Jul/2019:15:52:38 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.201.74 - - [02/Jul/2019:15:52:38 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.201.74 - - [02/Jul/2019:15:52:39 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.201.74 - - [02/Jul/2019:15:52:40 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.201.74 - - [02/Jul/2019:15:52:41 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-03 01:03:55
183.87.35.162	attackbots	2019-07-02T16:35:31.049312abusebot-6.cloudsearch.cf sshd\[21764\]: Invalid user cdoran from 183.87.35.162 port 40576	2019-07-03 00:36:03
117.232.105.98	attack	" "	2019-07-03 00:25:59
193.112.72.180	attack	2019-07-02T13:58:13.525489abusebot-4.cloudsearch.cf sshd\[31314\]: Invalid user lois from 193.112.72.180 port 36892	2019-07-03 00:37:26
125.22.76.77	attack	Jul 2 16:56:23 MK-Soft-Root1 sshd\[23456\]: Invalid user wferlitz from 125.22.76.77 port 28187 Jul 2 16:56:23 MK-Soft-Root1 sshd\[23456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.76.77 Jul 2 16:56:25 MK-Soft-Root1 sshd\[23456\]: Failed password for invalid user wferlitz from 125.22.76.77 port 28187 ssh2 ...	2019-07-03 01:14:46
91.121.211.34	attack	2019-07-02 01:41:39 server sshd[39119]: Failed password for invalid user apache from 91.121.211.34 port 34348 ssh2	2019-07-03 00:43:31
54.37.14.3	attack	Automatic report - Web App Attack	2019-07-03 01:05:30
191.102.123.132	attack	scan z	2019-07-03 00:40:07
118.25.128.19	attack	Jul 2 15:54:25 core01 sshd\[15760\]: Invalid user deployer from 118.25.128.19 port 40876 Jul 2 15:54:25 core01 sshd\[15760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.128.19 ...	2019-07-03 01:13:37
146.148.21.114	attackbots	port scan and connect, tcp 80 (http)	2019-07-03 00:39:26
190.128.159.118	attackbots	$f2bV_matches	2019-07-03 01:15:09
94.61.130.90	attackspambots	Multiple failed RDP login attempts	2019-07-03 00:36:33

Recently Reported IPs

2a02:560:427d:5a00:2d9a:bd1c:7492:d850	199.174.52.243	83.169.227.148	196.219.231.180
185.140.243.156	163.143.95.200	54.214.111.233	192.83.130.175
147.144.226.63	75.182.143.22	168.68.196.11	155.138.136.219
81.213.65.72	23.250.30.215	213.122.197.3	3.150.149.71
113.141.189.247	1.225.248.112	234.143.239.55	186.43.139.36