IP address

Search at other sites:
.070144.91.107.99vmi2902592.contaboserver.net
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
Turris greylist
144.91.107.99 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-11 22:15:00.190000
Was present on blacklist at: 2025-12-08 22:15, 2025-12-11 22:15
CI Army
144.91.107.99 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-11 03:50:00.929000
Was present on blacklist at: 2025-12-11 03:50
Spamhaus XBL CBL
144.91.107.99 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-13 09:33:30.153000
Was present on blacklist at: 2025-12-13 09:33
Warden events (30)
2025-12-10
ReconScanning (node.4dc198): 10
ReconScanning (node.368407): 6
AnomalyTraffic (node.ffe95c): 2
IntrusionUserCompromise (node.cfb4f7): 4
2025-12-06
ReconScanning (node.4dc198): 4
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.368407): 1
DShield reports (IP summary, reports)
2025-12-10
Number of reports: 51
Distinct targets: 21
Origin AS
AS51167 - CONTABO
BGP Prefix
144.91.106.0/23
geo
France, Lauterbourg
🕑 Europe/Paris
hostname
vmi2902592.contaboserver.net
Address block ('inetnum' or 'NetRange' in whois database)
144.91.64.0 - 144.91.127.255
last_activity
2025-12-10 22:57:55
last_warden_event
2025-12-10 22:57:55
rep
0.07017299107142856
reserved_range
0
Shodan's InternetDB
Open ports: 22, 1935, 2008, 2453, 2599, 2985, 3050, 3101, 3178, 3301, 4010, 4506, 4808, 5010, 5190, 6432, 7071, 7434, 7999, 8043, 8200, 8333, 8463, 8575, 8589, 8607, 8766, 9008, 9095, 9111, 9306, 9398, 9811, 9872, 9918, 9999, 10243, 11371, 12167, 12198, 12218, 12286, 12351, 12392, 12418, 12476, 12580, 18022, 18065, 18081, 20202, 21247, 21262, 25782, 33060, 35153, 47080, 60010
Tags:
CPEs: cpe:/a:expressjs:express, cpe:/a:openbsd:openssh:9.6p1, cpe:/o:canonical:ubuntu_linux, cpe:/a:nodejs:node.js
ts_added
2025-12-06 09:33:27.834000
ts_last_update
2025-12-18 09:33:30.017000

Warden event timeline

DShield event timeline

Presence on blacklists