144.91.75.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Contabo GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	5060/udp 5060/udp [2019-11-21]2pkt	2019-11-22 02:31:38

相同子网IP讨论:

IP	类型	评论内容	时间
144.91.75.5	attackspambots	Invalid user admin from 144.91.75.5 port 51424	2020-06-06 01:27:57
144.91.75.5	attackbots	TCP (SYN) 144.91.75.5:39981 -> port 22, len 44	2020-06-01 00:41:43
144.91.75.5	attackspambots	Unauthorized connection attempt detected from IP address 144.91.75.5 to port 22	2020-04-28 02:27:40
144.91.75.5	attackbots	Unauthorized connection attempt detected from IP address 144.91.75.5 to port 22	2020-04-21 01:38:50
144.91.75.5	attack	Invalid user fake from 144.91.75.5 port 39578	2020-04-20 06:05:52
144.91.75.37	attackspambots	proto=tcp . spt=55675 . dpt=3389 . src=144.91.75.37 . dst=xx.xx.4.1 . Listed on abuseat-org plus zen-spamhaus and rbldns-ru (610)	2020-01-26 05:36:51
144.91.75.37	attackspambots	80/udp 5060/udp [2019-11-24/2020-01-22]2pkt	2020-01-22 19:43:39
144.91.75.53	attackspam	SIPVicious Scanner Detection, PTR: vmi303284.contaboserver.net.	2019-11-22 03:18:01
144.91.75.37	attack	scan z	2019-11-04 06:05:27
144.91.75.37	attackbotsspam	3389BruteforceFW23	2019-11-01 03:06:10
144.91.75.56	attackspam	scan r	2019-10-23 06:59:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 144.91.75.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;144.91.75.55.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112100 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 22 02:31:35 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

55.75.91.144.in-addr.arpa domain name pointer vmi303275.contaboserver.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.75.91.144.in-addr.arpa	name = vmi303275.contaboserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
192.144.218.143	attack	bruteforce detected	2020-03-31 14:27:39
58.218.150.170	attackspambots	2020-03-31T05:46:44.118108 sshd[12240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.218.150.170 user=root 2020-03-31T05:46:46.055021 sshd[12240]: Failed password for root from 58.218.150.170 port 40652 ssh2 2020-03-31T05:53:03.889669 sshd[12279]: Invalid user www from 58.218.150.170 port 50228 ...	2020-03-31 14:22:57
49.233.130.95	attack	Invalid user puq from 49.233.130.95 port 48784	2020-03-31 14:33:13
185.151.242.185	attackspambots	Unauthorized connection attempt from IP address 185.151.242.185 on Port 3389(RDP)	2020-03-31 15:28:06
94.33.52.178	attack	$f2bV_matches	2020-03-31 14:28:41
51.91.91.182	attackbotsspam	51.91.91.182 was recorded 9 times by 9 hosts attempting to connect to the following ports: 123. Incident counter (4h, 24h, all-time): 9, 9, 9	2020-03-31 14:26:40
156.96.155.230	attackbots	Mar 31 06:59:57 debian-2gb-nbg1-2 kernel: \[7889851.925306\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=156.96.155.230 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=59393 DPT=11211 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-31 14:51:16
194.26.29.119	attackbotsspam	Mar 31 08:19:10 debian-2gb-nbg1-2 kernel: \[7894604.624111\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.119 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=239 ID=40324 PROTO=TCP SPT=55730 DPT=2254 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-31 14:42:43
2601:589:4480:a5a0:84b2:5a83:9c77:56fe	attackspambots	IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well.	2020-03-31 14:21:55
185.246.128.133	attack	RDP Bruteforce	2020-03-31 15:25:37
171.67.70.85	attack	ET SCAN Zmap User-Agent (zgrab) - port: 80 proto: TCP cat: Detection of a Network Scan	2020-03-31 15:34:09
176.113.115.250	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 3399 proto: TCP cat: Misc Attack	2020-03-31 15:31:35
193.254.245.178	attack	ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak	2020-03-31 14:43:36
180.76.150.29	attackbotsspam	Mar 31 08:12:27 srv01 sshd[8237]: Invalid user tokamak from 180.76.150.29 port 45722 Mar 31 08:12:27 srv01 sshd[8237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.150.29 Mar 31 08:12:27 srv01 sshd[8237]: Invalid user tokamak from 180.76.150.29 port 45722 Mar 31 08:12:29 srv01 sshd[8237]: Failed password for invalid user tokamak from 180.76.150.29 port 45722 ssh2 Mar 31 08:15:12 srv01 sshd[8447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.150.29 user=root Mar 31 08:15:14 srv01 sshd[8447]: Failed password for root from 180.76.150.29 port 45708 ssh2 ...	2020-03-31 14:22:26
162.243.133.57	attack	Unauthorized connection attempt detected from IP address 162.243.133.57 to port 514	2020-03-31 15:35:42

最近上报的IP列表

70.91.14.54	223.65.186.67	82.176.142.181	180.76.232.66
82.232.12.204	113.22.11.106	108.187.204.204	119.17.211.92
218.100.132.159	71.165.225.20	98.239.105.141	75.26.195.196
12.105.66.40	111.20.147.3	93.42.173.97	156.185.229.1
1.40.101.204	164.214.56.219	191.217.132.204	14.176.255.78