137.226.113.221

Basic Info

City: Aachen

Region: North Rhine-Westphalia

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
137.226.113.10	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-12 01:59:28
137.226.113.10	attackbots	Port scan denied	2020-09-11 17:50:45
137.226.113.56	attackbotsspam	4843/tcp 1883/tcp 8883/tcp... [2020-06-14/08-11]44pkt,5pt.(tcp)	2020-08-12 07:49:20
137.226.113.56	attackspam	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 4840 [T]	2020-07-20 06:50:01
137.226.113.56	attackbots	Port Scan ...	2020-07-14 02:14:02
137.226.113.9	attackspambots	port scan and connect, tcp 443 (https)	2020-06-06 21:06:05
137.226.113.56	attackbots	srv02 Mass scanning activity detected Target: 102(iso-tsap) ..	2020-06-01 20:17:23
137.226.113.27	attackbots	mozilla/5.0+zgrab/0.x+(compatible;+researchscan/t12sns;++http://researchscan.comsys.rwth-aachen.de)	2020-05-31 07:27:51
137.226.113.31	attackspambots	Port Scan detected from 137.226.113.31 (DE/Germany/researchscan23.comsys.rwth-aachen.de). 5 hits in the last 35 seconds	2020-05-25 17:19:31
137.226.113.10	attack	137.226.113.10	2020-04-14 12:57:11
137.226.113.56	attack	Apr 13 15:48:24 debian-2gb-nbg1-2 kernel: \[9044698.686856\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=137.226.113.56 DST=195.201.40.59 LEN=64 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=47703 DPT=102 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-14 01:14:48
137.226.113.56	attackbots	" "	2020-04-06 00:29:43
137.226.113.10	attack	Mar 5 21:51:17 debian-2gb-nbg1-2 kernel: \[5700646.129243\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=137.226.113.10 DST=195.201.40.59 LEN=1228 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=50832 DPT=443 LEN=1208	2020-03-06 05:32:53
137.226.113.56	attack	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 102 [J]	2020-03-03 00:36:56
137.226.113.56	attackbots	Unauthorized connection attempt detected from IP address 137.226.113.56 to port 4840 [J]	2020-03-02 02:31:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 137.226.113.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1455
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;137.226.113.221.		IN	A

;; AUTHORITY SECTION:
.			329	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061102 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 12 09:16:40 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 221.113.226.137.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.113.226.137.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.213.19.83	attackbots	xmlrpc attack	2019-09-06 23:15:54
167.71.41.110	attackbots	Sep 6 17:09:54 lenivpn01 kernel: \[15410.694924\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=167.71.41.110 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=32300 DF PROTO=TCP SPT=52830 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 6 17:09:55 lenivpn01 kernel: \[15411.724858\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=167.71.41.110 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=32301 DF PROTO=TCP SPT=52830 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 6 17:09:57 lenivpn01 kernel: \[15413.741001\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=167.71.41.110 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=32302 DF PROTO=TCP SPT=52830 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 ...	2019-09-06 23:24:12
185.230.125.48	attackspam	B: Magento admin pass test (wrong country)	2019-09-06 22:23:25
222.64.159.156	attack	Sep 6 04:39:34 sachi sshd\[25303\]: Invalid user redbot from 222.64.159.156 Sep 6 04:39:34 sachi sshd\[25303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.64.159.156 Sep 6 04:39:35 sachi sshd\[25303\]: Failed password for invalid user redbot from 222.64.159.156 port 53560 ssh2 Sep 6 04:45:12 sachi sshd\[25785\]: Invalid user postgres from 222.64.159.156 Sep 6 04:45:12 sachi sshd\[25785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.64.159.156	2019-09-06 22:59:36
37.110.44.235	attackbots	C2,WP GET /wp-login.php	2019-09-06 22:18:52
193.32.163.182	attackspambots	Automatic report - Banned IP Access	2019-09-06 22:27:09
112.85.42.232	attack	sep 06 17:16:19 raspberrypi sshd[2314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root sep 06 17:16:22 raspberrypi sshd[2314]: Failed password for root from 112.85.42.232 port 53257 ssh2 sep 06 17:16:22 raspberrypi dhcpcd[447]: eth0: Router Advertisement from fe80::fa8e:85ff:fede:826a sep 06 17:16:25 sshd[2314]: Failed password for root from 112.85.42.232 port 53257 ssh2 sep 06 17:16:29 sshd[2314]: Failed password for root from 112.85.42.232 port 53257 ssh2 sep 06 17:16:31 sshd[2314]: Received disconnect from 112.85.42.232 port 53257:11: [preauth] sep 06 17:16:31 sshd[2314]: Disconnected from authenticating user root 112.85.42.232 port 53257 [preauth] sep 06 17:16:31 sshd[2314]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root	2019-09-06 23:19:33
35.164.50.83	attackspambots	WordPress wp-login brute force :: 35.164.50.83 0.180 BYPASS [07/Sep/2019:00:11:45 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-06 22:29:18
187.87.38.63	attackspam	Sep 6 16:46:53 lenivpn01 kernel: \[14029.871393\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=187.87.38.63 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=6086 DF PROTO=TCP SPT=45734 DPT=22 WINDOW=14600 RES=0x00 SYN URGP=0 Sep 6 16:46:54 lenivpn01 kernel: \[14030.870726\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=187.87.38.63 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=6087 DF PROTO=TCP SPT=45734 DPT=22 WINDOW=14600 RES=0x00 SYN URGP=0 Sep 6 16:46:56 lenivpn01 kernel: \[14032.883191\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=187.87.38.63 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=6088 DF PROTO=TCP SPT=45734 DPT=22 WINDOW=14600 RES=0x00 SYN URGP=0 ...	2019-09-06 22:49:06
200.5.229.58	attack	Sep 6 04:06:00 auw2 sshd\[31275\]: Invalid user minecraft from 200.5.229.58 Sep 6 04:06:00 auw2 sshd\[31275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.5.229.58 Sep 6 04:06:02 auw2 sshd\[31275\]: Failed password for invalid user minecraft from 200.5.229.58 port 55975 ssh2 Sep 6 04:11:40 auw2 sshd\[31942\]: Invalid user hadoop from 200.5.229.58 Sep 6 04:11:40 auw2 sshd\[31942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.5.229.58	2019-09-06 22:22:50
106.12.24.108	attack	Sep 6 16:30:01 SilenceServices sshd[13444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.108 Sep 6 16:30:03 SilenceServices sshd[13444]: Failed password for invalid user gitolite3 from 106.12.24.108 port 49454 ssh2 Sep 6 16:36:17 SilenceServices sshd[15776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.108	2019-09-06 22:49:58
92.63.194.70	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-06 22:44:18
2.32.86.50	attack	Sep 6 16:24:19 eventyay sshd[6182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.32.86.50 Sep 6 16:24:21 eventyay sshd[6182]: Failed password for invalid user sinusbot from 2.32.86.50 port 59768 ssh2 Sep 6 16:28:33 eventyay sshd[6233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.32.86.50 ...	2019-09-06 22:40:30
89.254.148.26	attack	Sep 6 04:23:48 tdfoods sshd\[15920\]: Invalid user admin1 from 89.254.148.26 Sep 6 04:23:48 tdfoods sshd\[15920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.254.148.26 Sep 6 04:23:50 tdfoods sshd\[15920\]: Failed password for invalid user admin1 from 89.254.148.26 port 34254 ssh2 Sep 6 04:28:02 tdfoods sshd\[16280\]: Invalid user demo from 89.254.148.26 Sep 6 04:28:02 tdfoods sshd\[16280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.254.148.26	2019-09-06 22:39:32
180.97.31.28	attackbots	Sep 6 04:24:42 kapalua sshd\[23284\]: Invalid user git from 180.97.31.28 Sep 6 04:24:42 kapalua sshd\[23284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.31.28 Sep 6 04:24:44 kapalua sshd\[23284\]: Failed password for invalid user git from 180.97.31.28 port 52529 ssh2 Sep 6 04:28:11 kapalua sshd\[23576\]: Invalid user ubuntu from 180.97.31.28 Sep 6 04:28:11 kapalua sshd\[23576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.31.28	2019-09-06 22:46:23

Recently Reported IPs

137.226.113.159	137.226.115.39	137.226.114.74	137.226.115.89
137.226.117.69	137.226.113.13	137.226.180.58	137.226.180.112
137.226.181.35	137.226.181.67	137.226.181.90	137.226.181.105
137.226.181.15	137.226.181.58	13.37.219.229	137.226.115.180
137.226.116.238	137.226.113.14	137.226.181.216	137.226.9.24