137.226.1.140 - IPInfo

Basic Info

City: Aachen

Region: North Rhine-Westphalia

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
137.226.113.10	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-12 01:59:28
137.226.113.10	attackbots	Port scan denied	2020-09-11 17:50:45
137.226.113.56	attackbotsspam	4843/tcp 1883/tcp 8883/tcp... [2020-06-14/08-11]44pkt,5pt.(tcp)	2020-08-12 07:49:20
137.226.113.56	attackspam	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 4840 [T]	2020-07-20 06:50:01
137.226.113.56	attackbots	Port Scan ...	2020-07-14 02:14:02
137.226.113.9	attackspambots	port scan and connect, tcp 443 (https)	2020-06-06 21:06:05
137.226.113.56	attackbots	srv02 Mass scanning activity detected Target: 102(iso-tsap) ..	2020-06-01 20:17:23
137.226.113.27	attackbots	mozilla/5.0+zgrab/0.x+(compatible;+researchscan/t12sns;++http://researchscan.comsys.rwth-aachen.de)	2020-05-31 07:27:51
137.226.113.31	attackspambots	Port Scan detected from 137.226.113.31 (DE/Germany/researchscan23.comsys.rwth-aachen.de). 5 hits in the last 35 seconds	2020-05-25 17:19:31
137.226.113.10	attack	137.226.113.10	2020-04-14 12:57:11
137.226.113.56	attack	Apr 13 15:48:24 debian-2gb-nbg1-2 kernel: \[9044698.686856\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=137.226.113.56 DST=195.201.40.59 LEN=64 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=47703 DPT=102 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-14 01:14:48
137.226.113.56	attackbots	" "	2020-04-06 00:29:43
137.226.113.10	attack	Mar 5 21:51:17 debian-2gb-nbg1-2 kernel: \[5700646.129243\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=137.226.113.10 DST=195.201.40.59 LEN=1228 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=50832 DPT=443 LEN=1208	2020-03-06 05:32:53
137.226.113.56	attack	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 102 [J]	2020-03-03 00:36:56
137.226.113.56	attackbots	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 4840 [J]	2020-03-02 02:31:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.226.1.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4236
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;137.226.1.140.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061102 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 12 06:41:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 140.1.226.137.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.1.226.137.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.89.228.66	attackspam	srvr1: (mod_security) mod_security (id:920350) triggered by 77.89.228.66 (MD/-/static.77.89.228.66.tmg.md): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/11 04:49:37 [error] 12751#0: 37039 [client 77.89.228.66] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159979257768.597769"] [ref "o0,13v21,13"], client: 77.89.228.66, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-11 16:36:59
18.18.248.17	attack	2020-09-11T07:19[Censored Hostname] sshd[18071]: Failed password for root from 18.18.248.17 port 8432 ssh2 2020-09-11T07:19[Censored Hostname] sshd[18071]: Failed password for root from 18.18.248.17 port 8432 ssh2 2020-09-11T07:19[Censored Hostname] sshd[18071]: Failed password for root from 18.18.248.17 port 8432 ssh2[...]	2020-09-11 16:38:44
36.77.92.86	attackbotsspam	1599756826 - 09/10/2020 18:53:46 Host: 36.77.92.86/36.77.92.86 Port: 445 TCP Blocked	2020-09-11 16:45:27
45.2.251.126	attackspam	SIP/5060 Probe, BF, Hack -	2020-09-11 16:49:26
35.187.233.244	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 13 - port: 28353 proto: tcp cat: Misc Attackbytes: 60	2020-09-11 16:25:26
2.60.47.165	attackbotsspam	20/9/10@12:53:41: FAIL: Alarm-Network address from=2.60.47.165 20/9/10@12:53:41: FAIL: Alarm-Network address from=2.60.47.165 ...	2020-09-11 16:47:35
177.22.81.87	attackbots	Sep 11 03:17:21 jumpserver sshd[36163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.22.81.87 user=root Sep 11 03:17:24 jumpserver sshd[36163]: Failed password for root from 177.22.81.87 port 38366 ssh2 Sep 11 03:18:32 jumpserver sshd[36167]: Invalid user biology from 177.22.81.87 port 53220 ...	2020-09-11 16:15:17
109.70.100.34	attackbots	109.70.100.34 - - \[10/Sep/2020:18:53:56 +0200\] "GET /index.php\?id=ausland%29%2F%2A\&id=%2A%2FAS%2F%2A\&id=%2A%2FEdDk%2F%2A\&id=%2A%2FWHERE%2F%2A\&id=%2A%2F4374%3D4374%2F%2A\&id=%2A%2FAND%2F%2A\&id=%2A%2F5773%3D%28SELECT%2F%2A\&id=%2A%2F%28CASE%2F%2A\&id=%2A%2FWHEN%2F%2A\&id=%2A%2F%285773%3D5773%29%2F%2A\&id=%2A%2FTHEN%2F%2A\&id=%2A%2F5773%2F%2A\&id=%2A%2FELSE%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2F8460%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F3396%29%2F%2A\&id=%2A%2FEND%29%29--%2F%2A\&id=%2A%2FKduF HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot $compatible Googlebot/2.1 http://www.google.com/bot.html$" ...	2020-09-11 16:40:37
40.113.124.250	attackspambots	40.113.124.250 - - [11/Sep/2020:09:28:51 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.113.124.250 - - [11/Sep/2020:09:28:53 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.113.124.250 - - [11/Sep/2020:09:28:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 16:22:12
116.87.91.32	attack	Port Scan ...	2020-09-11 16:48:30
119.93.115.89	attackspam	SMB Server BruteForce Attack	2020-09-11 16:46:19
173.242.122.149	attackspam	Sep 11 10:27:44 ip106 sshd[20467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.242.122.149 Sep 11 10:27:46 ip106 sshd[20467]: Failed password for invalid user lafleur from 173.242.122.149 port 50426 ssh2 ...	2020-09-11 16:43:56
27.7.157.119	attackbotsspam	Icarus honeypot on github	2020-09-11 16:26:22
190.74.211.67	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-09-11 16:16:55
195.12.137.210	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-11 16:19:38

Recently Reported IPs

137.226.1.110	43.154.42.99	192.241.208.167	137.226.1.181
137.226.1.186	137.226.1.189	5.167.65.154	3.6.124.111
144.172.73.50	137.226.1.35	5.255.98.151	137.226.0.52
137.226.0.250	45.167.124.5	43.128.3.209	3.129.51.225
137.226.0.224	111.67.197.223	198.38.154.115	176.212.185.149