137.226.113.31

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): RWTH Aachen University

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Port Scan detected from 137.226.113.31 (DE/Germany/researchscan23.comsys.rwth-aachen.de). 5 hits in the last 35 seconds	2020-05-25 17:19:31
attackbotsspam	443/udp 443/udp 443/udp... [2019-08-05/10-05]132pkt,1pt.(udp)	2019-10-05 18:43:21
attackspam	443/udp 443/udp 443/udp... [2019-05-09/07-07]36pkt,1pt.(udp)	2019-07-07 16:54:50

类型

评论内容

时间

attackspambots

*Port Scan* detected from 137.226.113.31 (DE/Germany/researchscan23.comsys.rwth-aachen.de). 5 hits in the last 35 seconds

2020-05-25 17:19:31

attackbotsspam

443/udp 443/udp 443/udp...
[2019-08-05/10-05]132pkt,1pt.(udp)

2019-10-05 18:43:21

attackspam

443/udp 443/udp 443/udp...
[2019-05-09/07-07]36pkt,1pt.(udp)

2019-07-07 16:54:50

相同子网IP讨论:

IP	类型	评论内容	时间
137.226.113.10	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-12 01:59:28
137.226.113.10	attackbots	Port scan denied	2020-09-11 17:50:45
137.226.113.56	attackbotsspam	4843/tcp 1883/tcp 8883/tcp... [2020-06-14/08-11]44pkt,5pt.(tcp)	2020-08-12 07:49:20
137.226.113.56	attackspam	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 4840 [T]	2020-07-20 06:50:01
137.226.113.56	attackbots	Port Scan ...	2020-07-14 02:14:02
137.226.113.9	attackspambots	port scan and connect, tcp 443 (https)	2020-06-06 21:06:05
137.226.113.56	attackbots	srv02 Mass scanning activity detected Target: 102(iso-tsap) ..	2020-06-01 20:17:23
137.226.113.27	attackbots	mozilla/5.0+zgrab/0.x+(compatible;+researchscan/t12sns;++http://researchscan.comsys.rwth-aachen.de)	2020-05-31 07:27:51
137.226.113.10	attack	137.226.113.10	2020-04-14 12:57:11
137.226.113.56	attack	Apr 13 15:48:24 debian-2gb-nbg1-2 kernel: \[9044698.686856\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=137.226.113.56 DST=195.201.40.59 LEN=64 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=47703 DPT=102 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-14 01:14:48
137.226.113.56	attackbots	" "	2020-04-06 00:29:43
137.226.113.10	attack	Mar 5 21:51:17 debian-2gb-nbg1-2 kernel: \[5700646.129243\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=137.226.113.10 DST=195.201.40.59 LEN=1228 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=50832 DPT=443 LEN=1208	2020-03-06 05:32:53
137.226.113.56	attack	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 102 [J]	2020-03-03 00:36:56
137.226.113.56	attackbots	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 4840 [J]	2020-03-02 02:31:27
137.226.113.9	attack	Unauthorized connection attempt detected from IP address 137.226.113.9 to port 443 [J]	2020-02-29 17:00:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.226.113.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51271
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;137.226.113.31.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070700 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 16:54:42 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

31.113.226.137.in-addr.arpa domain name pointer researchscan23.comsys.rwth-aachen.de.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
31.113.226.137.in-addr.arpa	name = researchscan23.comsys.rwth-aachen.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
122.176.49.139	attackbotsspam	Jun 30 11:36:49 sshd\[27369\]: Invalid user developer from 122.176.49.139Jun 30 11:36:51 sshd\[27369\]: Failed password for invalid user developer from 122.176.49.139 port 50548 ssh2 ...	2020-06-30 19:48:33
139.199.18.194	attackbotsspam	Invalid user git from 139.199.18.194 port 52336	2020-06-30 19:23:06
212.251.48.146	attackbots	Jun 30 10:42:30 web8 sshd\[22621\]: Invalid user pi from 212.251.48.146 Jun 30 10:42:30 web8 sshd\[22622\]: Invalid user pi from 212.251.48.146 Jun 30 10:42:31 web8 sshd\[22621\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.251.48.146 Jun 30 10:42:31 web8 sshd\[22622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.251.48.146 Jun 30 10:42:33 web8 sshd\[22621\]: Failed password for invalid user pi from 212.251.48.146 port 38298 ssh2	2020-06-30 19:37:17
150.136.167.228	attack	Jun 30 05:48:18 host sshd[29333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.167.228 user=root Jun 30 05:48:20 host sshd[29333]: Failed password for root from 150.136.167.228 port 44464 ssh2 ...	2020-06-30 19:45:38
185.39.10.43	attackbots	Jun 30 13:31:29 debian-2gb-nbg1-2 kernel: \[15775327.991304\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.39.10.43 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=34045 PROTO=TCP SPT=52995 DPT=19797 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-30 19:44:16
60.167.178.182	attack	Jun 30 10:56:59 piServer sshd[25149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.178.182 Jun 30 10:57:01 piServer sshd[25149]: Failed password for invalid user indo from 60.167.178.182 port 37436 ssh2 Jun 30 11:03:17 piServer sshd[25653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.178.182 ...	2020-06-30 19:19:06
1.34.144.128	attack	2020-06-30T12:59:49.099137galaxy.wi.uni-potsdam.de sshd[1938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-144-128.hinet-ip.hinet.net user=root 2020-06-30T12:59:51.239213galaxy.wi.uni-potsdam.de sshd[1938]: Failed password for root from 1.34.144.128 port 41324 ssh2 2020-06-30T13:01:07.621086galaxy.wi.uni-potsdam.de sshd[2113]: Invalid user bob from 1.34.144.128 port 61986 2020-06-30T13:01:07.626253galaxy.wi.uni-potsdam.de sshd[2113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-144-128.hinet-ip.hinet.net 2020-06-30T13:01:07.621086galaxy.wi.uni-potsdam.de sshd[2113]: Invalid user bob from 1.34.144.128 port 61986 2020-06-30T13:01:09.474722galaxy.wi.uni-potsdam.de sshd[2113]: Failed password for invalid user bob from 1.34.144.128 port 61986 ssh2 2020-06-30T13:02:26.226124galaxy.wi.uni-potsdam.de sshd[2226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2020-06-30 19:28:35
193.228.108.122	attackspam	2020-06-30T08:33:38.822218mail.csmailer.org sshd[16787]: Invalid user bb from 193.228.108.122 port 35596 2020-06-30T08:33:38.824788mail.csmailer.org sshd[16787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.108.122 2020-06-30T08:33:38.822218mail.csmailer.org sshd[16787]: Invalid user bb from 193.228.108.122 port 35596 2020-06-30T08:33:40.859567mail.csmailer.org sshd[16787]: Failed password for invalid user bb from 193.228.108.122 port 35596 ssh2 2020-06-30T08:37:20.153053mail.csmailer.org sshd[17339]: Invalid user student4 from 193.228.108.122 port 45226 ...	2020-06-30 19:18:04
103.78.215.150	attackspambots	$f2bV_matches	2020-06-30 19:18:32
185.220.103.5	attackbots	Automatic report - Banned IP Access	2020-06-30 19:27:58
51.145.44.149	attack	Jun 30 12:38:40 cdc sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.145.44.149 user=root Jun 30 12:38:42 cdc sshd[16300]: Failed password for invalid user root from 51.145.44.149 port 64236 ssh2	2020-06-30 19:46:53
51.38.129.120	attack	Brute-force attempt banned	2020-06-30 19:13:59
31.220.2.100	attackspambots	Jun 30 06:18:20 mailman sshd[27996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.2.100 user=root	2020-06-30 19:20:19
45.122.220.157	attackbots	45.122.220.157 - - [30/Jun/2020:08:07:57 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.122.220.157 - - [30/Jun/2020:08:07:59 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.122.220.157 - - [30/Jun/2020:08:08:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-30 19:55:15
80.82.70.215	attackbots	Jun 30 13:18:52 debian-2gb-nbg1-2 kernel: \[15774570.675969\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.70.215 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=22626 PROTO=TCP SPT=52088 DPT=14438 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-30 19:26:15

最近上报的IP列表

201.132.234.180	154.216.56.93	221.230.24.233	29.102.72.8
156.19.55.202	2001:630:201:f1f6:5518:bd74:b032:a08f	37.187.8.224	98.216.157.112
190.129.64.102	131.222.253.101	144.217.191.147	103.73.162.5
102.165.35.102	115.238.95.194	177.44.17.196	3.92.99.160
124.112.111.108	103.5.183.41	149.248.8.217	5.135.120.247