137.226.13.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.226.13.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26746
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;137.226.13.13.			IN	A

;; AUTHORITY SECTION:
.			578	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061102 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 12 11:02:23 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 13.13.226.137.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.13.226.137.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.72.72	attack	Unauthorized access to SSH at 7/Nov/2019:08:10:01 +0000. Received: (SSH-2.0-libssh2_1.7.0)	2019-11-07 16:14:16
198.251.89.64	attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-11-07 15:52:45
170.0.100.18	attackbotsspam	Lines containing failures of 170.0.100.18 Nov 4 12:40:52 shared09 postfix/smtpd[29296]: connect from nxxxxxxx.ftgraficos.com[170.0.100.18] Nov 4 12:40:53 shared09 policyd-spf[307]: prepend Received-SPF: Softfail (mailfrom) identhostnamey=mailfrom; client-ip=170.0.100.18; helo=srv01.ftgraficos.com; envelope-from=x@x Nov x@x Nov 4 12:40:53 shared09 postfix/smtpd[29296]: disconnect from nxxxxxxx.ftgraficos.com[170.0.100.18] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=5/7 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=170.0.100.18	2019-11-07 16:07:40
120.148.159.228	attack	Nov 7 07:28:48 mail1 sshd\[22575\]: Invalid user pi from 120.148.159.228 port 50966 Nov 7 07:28:48 mail1 sshd\[22576\]: Invalid user pi from 120.148.159.228 port 50974 Nov 7 07:28:48 mail1 sshd\[22575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.148.159.228 Nov 7 07:28:48 mail1 sshd\[22576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.148.159.228 Nov 7 07:28:51 mail1 sshd\[22575\]: Failed password for invalid user pi from 120.148.159.228 port 50966 ssh2 ...	2019-11-07 16:06:43
77.247.110.63	attack	[Thu Nov 07 13:28:38.291449 2019] [:error] [pid 19117:tid 140464925619968] [client 77.247.110.63:50635] [client 77.247.110.63] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/robots.txt"] [unique_id "XcO5lgmF7nx8HNga2aYSrQAAAJQ"] ...	2019-11-07 16:11:29
163.5.55.58	attackspambots	2019-11-07T08:51:03.492151mail01 postfix/smtpd[12878]: warning: srs.epita.fr[163.5.55.58]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-07T08:55:22.443677mail01 postfix/smtpd[19238]: warning: srs.epita.fr[163.5.55.58]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-07T08:55:38.277687mail01 postfix/smtpd[19238]: warning: srs.epita.fr[163.5.55.58]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-07 16:22:14
165.227.16.222	attackbotsspam	2019-11-07T08:11:09.779343shield sshd\[20597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.16.222 user=root 2019-11-07T08:11:11.834291shield sshd\[20597\]: Failed password for root from 165.227.16.222 port 45218 ssh2 2019-11-07T08:14:42.271400shield sshd\[20898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.16.222 user=root 2019-11-07T08:14:44.898746shield sshd\[20898\]: Failed password for root from 165.227.16.222 port 55010 ssh2 2019-11-07T08:18:13.611105shield sshd\[21263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.16.222 user=root	2019-11-07 16:26:20
121.58.231.39	attackbots	Automatic report - Port Scan	2019-11-07 16:01:20
132.232.59.247	attackspam	Automatic report - Banned IP Access	2019-11-07 15:58:33
193.92.125.158	attackspambots	Email spam message	2019-11-07 15:55:38
14.189.5.102	attackspam	Nov 7 07:29:05 km20725 sshd[20500]: Did not receive identification string from 14.189.5.102 Nov 7 07:29:05 km20725 sshd[20501]: Did not receive identification string from 14.189.5.102 Nov 7 07:29:10 km20725 sshd[20503]: Address 14.189.5.102 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 7 07:29:10 km20725 sshd[20503]: Invalid user admin1 from 14.189.5.102 Nov 7 07:29:10 km20725 sshd[20503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.189.5.102 Nov 7 07:29:10 km20725 sshd[20502]: Address 14.189.5.102 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 7 07:29:10 km20725 sshd[20502]: Invalid user admin1 from 14.189.5.102 Nov 7 07:29:11 km20725 sshd[20502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.189.5.102 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.189	2019-11-07 15:52:15
220.130.10.13	attackbotsspam	Nov 7 07:26:00 localhost sshd\[77059\]: Invalid user QWERasdf from 220.130.10.13 port 18168 Nov 7 07:26:00 localhost sshd\[77059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Nov 7 07:26:02 localhost sshd\[77059\]: Failed password for invalid user QWERasdf from 220.130.10.13 port 18168 ssh2 Nov 7 07:30:03 localhost sshd\[77158\]: Invalid user pimpin from 220.130.10.13 port 55382 Nov 7 07:30:03 localhost sshd\[77158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 ...	2019-11-07 15:47:04
46.38.144.57	attack	Nov 7 08:58:34 vmanager6029 postfix/smtpd\[1400\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 7 08:59:11 vmanager6029 postfix/smtpd\[1400\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-07 16:00:57
220.130.178.36	attackbotsspam	Nov 7 07:51:52 sshgateway sshd\[10029\]: Invalid user arie from 220.130.178.36 Nov 7 07:51:52 sshgateway sshd\[10029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.178.36 Nov 7 07:51:54 sshgateway sshd\[10029\]: Failed password for invalid user arie from 220.130.178.36 port 44536 ssh2	2019-11-07 15:54:25
110.228.210.243	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/110.228.210.243/ CN - 1H : (645) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 110.228.210.243 CIDR : 110.228.0.0/14 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 15 3H - 39 6H - 76 12H - 126 24H - 228 DateTime : 2019-11-07 07:28:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-07 16:00:23

最近上报的IP列表

137.226.12.242	137.226.13.11	137.226.13.60	137.226.13.67
46.18.221.226	137.226.13.119	137.226.13.117	137.226.13.122
137.226.13.197	137.226.13.226	137.226.13.235	178.62.63.165
137.226.14.132	137.226.14.131	43.154.52.45	43.128.226.107
43.154.51.208	2.56.56.190	175.204.37.8	45.175.18.254