AbuseIPDB » 137.226.113.44

Check an IP Address, Domain Name, or Subnet

e.g. 3.236.70.233, microsoft.com, or 5.188.10.0/24

137.226.113.44 was found in our database!

This IP was reported 1,594 times. Confidence of Abuse is 0%: ?

ISP	RWTH Aachen University
Usage Type	University/College/School
Hostname(s)	researchscan36.comsys.rwth-aachen.de
Domain Name	rwth-aachen.de
Country	Germany
City	Aachen, Nordrhein-Westfalen

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Important Note: 137.226.113.44 is an IP address from within our whitelist. Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

According to our records, this IP belongs to the subnet 137.226.113.0/26, identified as: "netray.io Internet Observatory"

Report 137.226.113.44

Whois 137.226.113.44

IP Abuse Reports for 137.226.113.44:

This IP address has been reported a total of 1,594 times from 99 distinct sources. 137.226.113.44 was first reported on June 18th 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
Anonymous	01 Feb 2023	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	31 Jan 2023	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	30 Jan 2023	Port scan - 20 hits (greater than 5)	Port Scan
Anonymous	30 Jan 2023	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	29 Jan 2023	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	28 Jan 2023	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	27 Jan 2023	port scan and connect, tcp 443 (https)	Port Scan
pa4080	27 Jan 2023	Detected by ModSecurity. Request URI: /welcome.php	Hacking Web App Attack
10dencehispahard SL	27 Jan 2023	Suspicious activity detected by Modsecurity [Suspicious IP found on 8 servers 8 times. Reincident by ... show moreSuspicious activity detected by Modsecurity [Suspicious IP found on 8 servers 8 times. Reincident by 4. Rules:] show less	Port Scan Web App Attack
Emily	27 Jan 2023	Jan 27 18:07:56 box kernel: [1119364.626094] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=137.226.113.4 ... show moreJan 27 18:07:56 box kernel: [1119364.626094] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=137.226.113.44 DST=[munged] LEN=1280 TOS=0x00 PREC=0x00 TTL=52 ID=40059 DF PROTO=UDP SPT=45046 DPT=443 LEN=1260 Jan 27 18:07:57 box kernel: [1119365.626227] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=137.226.113.44 DST=[munged] LEN=1280 TOS=0x00 PREC=0x00 TTL=52 ID=40060 DF PROTO=UDP SPT=45046 DPT=443 LEN=1260 Jan 27 18:07:59 box kernel: [1119367.626303] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=137.226.113.44 DST=[munged] LEN=1280 TOS=0x00 PREC=0x00 TTL=52 ID=40061 DF PROTO=UDP SPT=45046 DPT=443 LEN=1260 Jan 27 18:08:36 box kernel: [1119404.280453] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=137.226.113.44 DST=[munged] LEN=1280 TOS=0x00 PREC=0x00 TTL=52 ID=47768 DF PROTO=UDP SPT=58495 DPT=443 LEN=1260 Jan 27 18:08:37 box kernel: [1119405.280427] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=137.226.113.44 DST=[munged] LEN=1280 TOS=0x00 PREC=0x00 TTL=52 ID=47769 DF PROTO=UDP SPT=58495 DPT=443 LEN=1260 show less	Port Scan
el-brujo	27 Jan 2023	27/Jan/2023:16:56:07 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 137.226 ... show more27/Jan/2023:16:56:07 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 137.226.113.44] ModSecurity: Warning. Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "54"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x (compatible; researchscan/http; +http://researchscan.comsys.rwth-aachen.de)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [hostname "www.offroadcup.org"] [uri "/"] [unique_id "Y9P0F0xywI08rgOlMCE8dAAAAE0"] ... show less	Hacking
ISPLtd	27 Jan 2023	Jan 27 11:22:32 SRC=137.226.113.44 PROTO=UDP SPT=45406 DPT=443 Jan 27 11:22:33 SRC=137.226.113 ... show moreJan 27 11:22:32 SRC=137.226.113.44 PROTO=UDP SPT=45406 DPT=443 Jan 27 11:22:33 SRC=137.226.113.44 PROTO=UDP SPT=45406 DPT=443 Jan 27 11:22:35 SRC=137.226.113.44 PROTO=UDP SPT=45406 DPT=443 ... show less	Port Scan
el-brujo	27 Jan 2023	27/Jan/2023:15:51:20 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 137.226 ... show more27/Jan/2023:15:51:20 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 137.226.113.44] ModSecurity: Warning. Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "54"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x (compatible; researchscan/http; +http://researchscan.comsys.rwth-aachen.de)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [hostname "www.el-hacker.org"] [uri "/"] [unique_id "Y9Pk6N0k69CdXNA2J6-BpQAB0QM"] ... show less	Hacking
Anonymous	27 Jan 2023	Triggered: repeated knocking on closed ports.	Port Scan
el-brujo	27 Jan 2023	27/Jan/2023:12:34:42 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 137.226 ... show more27/Jan/2023:12:34:42 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 137.226.113.44] ModSecurity: Warning. Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "54"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x (compatible; researchscan/http; +http://researchscan.comsys.rwth-aachen.de)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [hostname "www.elhacker.info"] [uri "/"] [unique_id "[email protected]"] ... show less	Hacking