JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.91.87.42

144.91.87.42 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3073830.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.91.87.42

Whois 144.91.87.42

IP Abuse Reports for 144.91.87.42:

This IP address has been reported a total of 102 times from 85 distinct sources. 144.91.87.42 was first reported on June 7th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ecs.ge	2026-06-15 21:32:55 (5 days ago)	Automatic Fail2Ban report from jail ssh: multiple matching events detected.	Brute-Force SSH
🇫🇷 masterguru	2026-06-11 01:13:08 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 144.91.87.42 (DE/Germany/vmi3073830.c ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 144.91.87.42 (DE/Germany/vmi3073830.contaboserver.net): 2 in the last 3600 secs (0-196) show less	Hacking
🇬🇷 setupgr	2026-06-10 18:52:18 (1 week ago)	(mod_security) mod_security (id:11000011) triggered by 144.91.87.42: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:11000011) triggered by 144.91.87.42: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 10 21:52:16.460036 2026] [security2:error] [pid 1859165:tid 1859348] [client 144.91.87.42:53322] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "contaboserver.net" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "128"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: vmi3073830.contaboserver.net"] [hostname "davids.gr"] [uri "/"] [unique_id "aimyYPPtIMXg7WfnJtDDvAAAAJE"] show less	Port Scan
🇳🇱 GG UNLUCKI	2026-06-10 11:07:48 (1 week ago)	Fail2Ban SSH brute-force ban on MainVps.aurorix.net. jail=sshd; source=fail2ban; no raw log lines in ... show more Fail2Ban SSH brute-force ban on MainVps.aurorix.net. jail=sshd; source=fail2ban; no raw log lines included. show less	Brute-Force SSH
🇯🇵 VXG-NET	2026-06-10 08:43:21 (1 week ago)	port=80, indicator_type=code-execution	Hacking
🇿🇦 agentics	2026-06-10 02:43:11 (1 week ago)	144.91.87.42 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale i ... show more 144.91.87.42 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale industrial operation attempting unrelenting brute-force login attempts for months on end - between all CIDR ranges in the botnet, our servers receive over 800 authentication attempts per minute on smtp, imap and relative mail ports, as well as ssh, and other protocols. IP INFO: - IP 144.91.87.42 - Anycast false - City N/A - Region N/A - Region Code N/A - Country N/A (N/A) - Continent N/A (N/A) - Range N/A - Provider N/A - Organisation N/A - Proxy N/A - Type N/A show less	Brute-Force SSH
🇺🇸 chronos	2026-06-08 06:56:18 (1 week ago)	[AUTORAVALT][[08/06/2026 - 03:56:17 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [144. ... show more [AUTORAVALT][[08/06/2026 - 03:56:17 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [144.91.87.42][vmi3073830.contaboserver.net] Action: BLocKed FTP Brute-Force -> Running brute force credentials on the FTP server. Brute-Force -> Credential brute-force attacks on webpage logins and services like SSH, FTP, SIP, SMTP, RDP, etc. ] ... show less	FTP Brute-Force Brute-Force
🇺🇸 chronos	2026-06-08 06:18:52 (1 week ago)	[AUTORAVALT][[08/06/2026 - 03:18:51 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [144. ... show more [AUTORAVALT][[08/06/2026 - 03:18:51 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [144.91.87.42][vmi3073830.contaboserver.net] Action: BLocKed FTP Brute-Force -> Running brute force credentials on the FTP server. Brute-Force -> Credential brute-force attacks on webpage logins and services like SSH, FTP, SIP, SMTP, RDP, etc. ] ... show less	FTP Brute-Force Brute-Force
🇫🇷 Sysadmin Peter	2026-06-08 03:45:28 (1 week ago)	Jun 8 05:45:28 mail sshd[3977937]: Invalid user bockpalast from 144.91.87.42 port 59124 ...	Brute-Force SSH
🇺🇸 chronos	2026-06-08 03:39:54 (1 week ago)	[AUTORAVALT][[08/06/2026 - 00:39:54 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [144. ... show more [AUTORAVALT][[08/06/2026 - 00:39:54 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [144.91.87.42][vmi3073830.contaboserver.net] Action: BLocKed FTP Brute-Force -> Running brute force credentials on the FTP server. Brute-Force -> Credential brute-force attacks on webpage logins and services like SSH, FTP, SIP, SMTP, RDP, etc. ] ... show less	FTP Brute-Force Brute-Force
🇺🇸 bigscoots.com	2026-06-08 00:37:31 (1 week ago)	144.91.87.42 (GB/United Kingdom/vmi3073830.contaboserver.net), 5 distributed sshd attacks on account ... show more 144.91.87.42 (GB/United Kingdom/vmi3073830.contaboserver.net), 5 distributed sshd attacks on account [passiveincomepathways] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 7 19:12:41 14233 sshd[2957]: Invalid user passiveincomepathways from 188.0.240.22 port 49926 Jun 7 19:12:43 14233 sshd[2957]: Failed password for invalid user passiveincomepathways from 188.0.240.22 port 49926 ssh2 Jun 7 19:37:08 14233 sshd[17857]: Invalid user passiveincomepathways from 217.160.224.99 port 57082 Jun 7 19:11:09 14233 sshd[2188]: Invalid user passiveincomepathways from 144.91.87.42 port 56044 Jun 7 19:11:12 14233 sshd[2188]: Failed password for invalid user passiveincomepathways from 144.91.87.42 port 56044 ssh2 IP Addresses Blocked: 188.0.240.22 (IR/Iran/-) 217.160.224.99 (DE/Germany/-) show less	Brute-Force SSH
🇺🇸 blackburied	2026-06-07 23:55:01 (1 week ago)	SSH brute force on kuhioshores	Brute-Force SSH
Anonymous	2026-06-07 22:05:08 (1 week ago)	2026-06-07T19:45:34.186664+02:00 smvps001 sshd-session[568740]: Invalid user pasmac from 144.91.87.4 ... show more 2026-06-07T19:45:34.186664+02:00 smvps001 sshd-session[568740]: Invalid user pasmac from 144.91.87.42 port 37988 2026-06-07T19:45:34.202877+02:00 smvps001 sshd-session[568740]: Connection closed by invalid user pasmac 144.91.87.42 port 37988 [preauth] 2026-06-08T00:05:07.183333+02:00 smvps001 sshd-session[597345]: Invalid user pasmac from 144.91.87.42 port 50582 ... show less	Brute-Force SSH
🇫🇷 tecnicorioja	2026-06-07 22:00:31 (1 week ago)	Failed password for invalid user Jun 07 21:33:51 port 36240	Brute-Force SSH
🇩🇪 nicosqc	2026-06-07 21:12:22 (1 week ago)	Invalid user blueplanetworks from 144.91.87.42 port 55878	Brute-Force SSH

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 186.96.158.180

🇺🇸 162.216.150.196

🇺🇸 141.11.88.22

🇳🇱 45.148.10.141

🇺🇸 45.56.66.228

🇷🇴 2.57.122.238

🇸🇪 171.25.158.70

🇺🇸 157.245.253.26

🇪🇸 81.36.95.164

🇺🇸 66.132.224.19

🇻🇳 2405:4803:db33:7090:297b:ece:bde0:d393

🇲🇴 182.93.50.90

🇺🇸 137.184.128.173

🇺🇸 104.206.128.42

🇳🇱 91.92.40.171

🇮🇳 68.183.81.190

🇺🇸 2604:a880:400:d1:0:4:9e7b:b001

🇯🇵 160.251.101.169

🇺🇸 155.103.69.40

🇺🇸 98.84.43.140