IP address

Search at other sites:

--164.68.120.30vmi2544055.contaboserver.net

Shodan(more info)

Passive DNS

IP blacklists

ThreatFox

164.68.120.30 is listed on the ThreatFox blacklist.

Description: ThreatFox is a free platform from abuse.ch with the goal of<br>sharing indicators of compromise (IOCs) associated with malware with the<br>infosec community, AV vendors and threat intelligence providers.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-11 18:10:00.224000
Was present on blacklist at: 2025-10-09 22:10, 2025-10-10 02:10, 2025-10-10 06:10, 2025-10-10 14:10, 2025-10-10 18:10, 2025-10-10 22:10, 2025-10-11 02:10, 2025-10-11 06:10, 2025-10-11 14:10, 2025-10-11 18:10

Origin AS

AS51167 - CONTABO

BGP Prefix

164.68.120.0/23

geo

France, Lauterbourg

🕑 Europe/Paris

hostname

vmi2544055.contaboserver.net

Address block ('inetnum' or 'NetRange' in whois database)

164.68.96.0 - 164.68.127.255

reserved_range

0

Shodan's InternetDB

Open ports: 21, 135, 139, 443, 445, 3001, 3306, 3389, 5985, 30000, 30023, 30027, 50102

Tags: self-signed, open-dir, database, c2

CPEs: cpe:/a:mariadb:mariadb, cpe:/a:apache:http_server:2.4.58, cpe:/a:openssl:openssl:3.1.3, cpe:/a:php:php:8.0.30

ts_added

2025-10-09 22:10:21.069000

ts_last_update

2025-10-13 22:12:20.502000

Warden event timeline

DShield event timeline

Presence on blacklists