Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Contabo GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.
2019-12-19 23:12:59
Comments on same subnet:
IP Type Details Datetime
144.91.64.169 attackspam
2020-06-17T08:28:51.722037shield sshd[6133]: Invalid user zouyh from 144.91.64.169 port 47212
2020-06-17T08:28:51.725725shield sshd[6133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi297175.contaboserver.net
2020-06-17T08:28:53.565042shield sshd[6133]: Failed password for invalid user zouyh from 144.91.64.169 port 47212 ssh2
2020-06-17T08:30:14.155440shield sshd[6246]: Invalid user z from 144.91.64.169 port 38034
2020-06-17T08:30:14.158110shield sshd[6246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi297175.contaboserver.net
2020-06-17 17:08:24
144.91.64.169 attack
2020-06-16T00:27:03.154814shield sshd[17732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi297175.contaboserver.net  user=root
2020-06-16T00:27:05.554520shield sshd[17732]: Failed password for root from 144.91.64.169 port 59788 ssh2
2020-06-16T00:28:26.726747shield sshd[17886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi297175.contaboserver.net  user=root
2020-06-16T00:28:29.517176shield sshd[17886]: Failed password for root from 144.91.64.169 port 51394 ssh2
2020-06-16T00:29:51.358214shield sshd[17978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi297175.contaboserver.net  user=root
2020-06-16 08:35:44
144.91.64.3 attackbots
Mar 24 07:38:07 game-panel sshd[24985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.91.64.3
Mar 24 07:38:09 game-panel sshd[24985]: Failed password for invalid user giselle from 144.91.64.3 port 35916 ssh2
Mar 24 07:41:55 game-panel sshd[25250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.91.64.3
2020-03-24 15:51:16
144.91.64.3 attackspambots
$f2bV_matches
2020-03-20 08:51:23
144.91.64.3 attackspambots
Mar 16 07:10:51 legacy sshd[25417]: Failed password for root from 144.91.64.3 port 55030 ssh2
Mar 16 07:16:32 legacy sshd[25444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.91.64.3
Mar 16 07:16:34 legacy sshd[25444]: Failed password for invalid user cactiuser from 144.91.64.3 port 55418 ssh2
...
2020-03-16 20:43:22
144.91.64.194 attack
Honeypot attack, port: 81, PTR: ip-194-64-91-144.static.contabo.net.
2019-10-21 04:46:35
144.91.64.207 attackspambots
MultiHost/MultiPort Probe, Scan, Hack -
2019-10-06 05:19:10
144.91.64.167 attackbotsspam
$f2bV_matches
2019-10-05 23:25:56
144.91.64.161 attackbots
miraniessen.de 144.91.64.161 [09/Sep/2019:08:21:07 +0200] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
miraniessen.de 144.91.64.161 [09/Sep/2019:08:21:08 +0200] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2019-09-09 15:19:01
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 144.91.64.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8237
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;144.91.64.57.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121900 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 19 23:12:55 CST 2019
;; MSG SIZE  rcvd: 116
Host info
57.64.91.144.in-addr.arpa domain name pointer vmi297071.contaboserver.net.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.64.91.144.in-addr.arpa	name = vmi297071.contaboserver.net.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
49.234.39.194 attackbots
Invalid user edy from 49.234.39.194 port 41670
2020-06-06 01:49:45
13.82.218.20 attackspam
Invalid user inma from 13.82.218.20 port 35700
2020-06-06 01:58:09
41.34.196.83 attack
Invalid user admin from 41.34.196.83 port 39076
2020-06-06 01:53:03
163.172.42.21 attack
Jun  5 10:53:29 debian sshd[12279]: Unable to negotiate with 163.172.42.21 port 55414: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Jun  5 10:53:36 debian sshd[12295]: Unable to negotiate with 163.172.42.21 port 40750: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
...
2020-06-06 01:23:15
94.78.89.13 attackbots
Invalid user admin from 94.78.89.13 port 49685
2020-06-06 01:43:57
157.230.38.112 attackspambots
2020-06-05T18:00:09.877658struts4.enskede.local sshd[10608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.112  user=root
2020-06-05T18:00:13.766232struts4.enskede.local sshd[10608]: Failed password for root from 157.230.38.112 port 51042 ssh2
2020-06-05T18:04:00.720975struts4.enskede.local sshd[10650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.112  user=root
2020-06-05T18:04:03.676367struts4.enskede.local sshd[10650]: Failed password for root from 157.230.38.112 port 52324 ssh2
2020-06-05T18:07:55.127563struts4.enskede.local sshd[10697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.112  user=root
...
2020-06-06 01:24:21
14.169.207.209 attack
Invalid user admin from 14.169.207.209 port 43484
2020-06-06 01:56:27
149.202.45.11 attackspam
149.202.45.11 - - [05/Jun/2020:18:20:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
149.202.45.11 - - [05/Jun/2020:18:20:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
149.202.45.11 - - [05/Jun/2020:18:20:49 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-06-06 01:27:11
144.217.105.209 attack
Invalid user bad from 144.217.105.209 port 58148
2020-06-06 01:27:30
41.218.196.212 attackbots
Invalid user admin from 41.218.196.212 port 34757
2020-06-06 01:51:00
14.161.43.154 attackspam
Invalid user admin from 14.161.43.154 port 34683
2020-06-06 01:57:43
103.89.91.179 attackspambots
Invalid user admin from 103.89.91.179 port 58796
2020-06-06 01:43:12
177.79.2.141 attackspambots
Invalid user ubnt from 177.79.2.141 port 55848
2020-06-06 01:22:19
113.190.218.34 attack
Invalid user admin from 113.190.218.34 port 42525
2020-06-06 01:38:57
51.77.211.94 attackbotsspam
Jun  6 03:12:51 localhost sshd[302547]: Connection closed by 51.77.211.94 port 44762 [preauth]
...
2020-06-06 01:48:28
