Go
91.195.240.126
is an
Open Proxy
used by
Hackers
100 %
Germany
Report Abuse
43attacks reported
14Hacking
7Fraud OrdersHacking
5HackingWeb App Attack
3Port Scan
3Fraud OrdersPhishingWeb SpamEmail SpamHackingSpoofing
2Fraud OrdersHackingIoT Targeted
1Fraud OrdersPhishingWeb SpamEmail SpamSpoofing
1Fraud OrdersHackingPort Scan
1PhishingWeb SpamEmail SpamSpoofing
1PhishingEmail Spam
...
15abuse reported
13Email SpamHacking
1Bad Web BotWeb App Attack
1Email SpamBrute-Force
8malware reported
7Malware
1Exploited Host
4reputation reported
4uncategorized
3organizations reported
3uncategorized
from 9 distinct reporters
and 5 distinct sources : Bambenek Consulting, hpHosts, VoIPBL.org, AbuseIPDB, ip-46.com
91.195.240.126 was first signaled at 2019-02-12 03:07 and last record was at 2019-07-18 16:14.
IP

91.195.240.126

Organization
SEDO GmbH
Localisation
Germany
NetRange : First & Last IP
91.195.240.0 - 91.195.241.255
Network CIDR
91.195.240.0/23

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-07-18 16:14 abuse Email SpamHacking AbuseIPDB Jul 19 08:14:02 staklim-malang postfix/smtpd[8494]: lost connection after CONNECT from unknown[unknown]
2019-07-18 01:47 abuse Email SpamHacking AbuseIPDB Jul 18 17:47:39 staklim-malang postfix/smtpd[3376]: lost connection after CONNECT from unknown[unknown]
2019-07-01 03:34 attacks Hacking AbuseIPDB ISP/and local connections/to illegal installed networks/Server Software NginX inet6.com DNS Resource Records Name Type Data inet6.com A 91.195.240.126
2019-07-01 02:00 attacks Hacking AbuseIPDB hacking IT/ISP NginX oneness.net DNS Resource Records Name Type Data oneness.net A 91.195.240.126 oneness.net MX 0 localhost oneness.net NS ns1.sedopa
2019-06-25 10:54 attacks Port Scan AbuseIPDB Port Scanning
2019-06-25 05:14 abuse Bad Web BotWeb App Attack AbuseIPDB  
2019-06-21 07:34 attacks Port Scan AbuseIPDB Potentially distributing SMB port 445 scanning malware
2019-06-18 14:03 attacks Fraud OrdersPhishingWeb SpamEmail Spam AbuseIPDB Virus om IP !
2019-06-18 08:34 attacks Fraud OrdersPhishingWeb SpamEmail Spam AbuseIPDB PHISHING SPAM !
2019-06-17 22:29 attacks Hacking AbuseIPDB catalinaspas.co.uk/not requested brochure/no visit to site/carlos mackinnon/catalan/another neighbours relation/south/abroad/tampering programmers /gs
2019-06-17 17:45 attacks Fraud OrdersPhishingWeb SpamEmail Spam AbuseIPDB Virus on IP !!!
2019-06-17 12:08 attacks Hacking AbuseIPDB schema.org still hacking/kenable.co.uk/
2019-06-17 11:37 attacks Fraud OrdersHacking AbuseIPDB root-servers.com major hacking/assets. prefixes
2019-06-17 08:54 attacks Fraud OrdersHacking AbuseIPDB CATALINA SPAS/Mac spas -sending info out based on search engine/not request/catalan Mac /historically correct/mc /downs Farms/referencing to a conditi
2019-06-17 08:36 attacks Hacking AbuseIPDB hacking other half/works computer/https://www.amazon.co.uk/gp/your-account/order-history/ref=ppx_yo_dt_b_pagination_1_2?ie=UTF8&orderFilter=months
2019-06-17 07:45 attacks Fraud OrdersHacking AbuseIPDB pnet.net A 91.195.240.126 pnet.net MX 0 localhost pnet.net NS ns1.sedoparking.com pnet.net NS ns2.sedoparking.com pnet.net SOA ns1.sedoparking.com. ho
2019-06-17 07:21 attacks Hacking AbuseIPDB tampered bar codes/yodel/XPECT 24 NON POD/X AS IN NginX.net hacking and stalking dev likely mc /fake bar codes +++++*****######______ any on bar codes
2019-06-17 06:36 attacks Fraud OrdersHackingPort Scan AbuseIPDB amazonaws.com is uk/i.e. set up/intentions flood homes with tampered devices/so relatives in IT/spy on people/mostly freemasons/verify supplier Sharma
2019-06-17 05:21 attacks Fraud OrdersHacking AbuseIPDB amazon verification/supplier/stuart farrow /mostly Mac tampering suppliers
2019-06-17 02:03 attacks Fraud OrdersHacking AbuseIPDB fake suppliers on fake amazonaws.com hacking and tampering tech/mastronics. ltd/compost supplier?ama185856/another Mac tech hacker/rochdale/123 -L0001
2019-06-17 00:40 attacks Hacking AbuseIPDB https://groceries.asda.com/search/cat%20treats %20 -1of 3 NS hackers/added for redirecting/also duplicating every site via wrap method/
2019-06-17 00:25 attacks Fraud OrdersHacking AbuseIPDB doubleclick.net another hacking ISP/
2019-06-17 00:10 attacks Fraud OrdersHacking AbuseIPDB catech.net A 91.195.240.126 catech.net MX 0 localhost catech.net NS ns1.sedoparking.com catech.net NS ns2.sedoparking.com catech.net SOA ns1.sedoparki
2019-06-11 10:11 attacks Fraud OrdersPhishingWeb SpamEmail Spam AbuseIPDB PHISHING SPAM !!!
2019-05-05 23:50 attacks Hacking AbuseIPDB links to illegally installed networks into new builds/renovations/always check trader/tv advertisers akamai web workers - unregulated - domain/hostnam
2019-05-04 16:17 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-05-03 13:50 attacks HackingWeb App Attack AbuseIPDB 2019-04-12 05:41:07,675 fail2ban.actions [697]: NOTICE [postfix] Ban 91.195.240.126
2019-04-30 12:52 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-26 00:15 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-25 15:34 attacks HackingWeb App Attack AbuseIPDB 2019-04-12 05:41:07,675 fail2ban.actions [697]: NOTICE [postfix] Ban 91.195.240.126
2019-04-25 14:47 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-24 10:21 attacks HackingWeb App Attack AbuseIPDB 2019-04-12 05:41:07,675 fail2ban.actions [697]: NOTICE [postfix] Ban 91.195.240.126
2019-04-24 09:39 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-24 01:46 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-19 10:24 attacks PhishingWeb SpamEmail SpamSpoofing AbuseIPDB domain of icanseeyou.com
2019-04-18 23:47 attacks HackingWeb App Attack AbuseIPDB 2019-04-12 05:41:07,675 fail2ban.actions [697]: NOTICE [postfix] Ban 91.195.240.126
2019-04-18 23:16 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-15 22:55 attacks HackingWeb App Attack AbuseIPDB 2019-04-12 05:41:07,675 fail2ban.actions [697]: NOTICE [postfix] Ban 91.195.240.126
2019-04-15 22:38 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-15 15:41 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-15 00:19 attacks Hacking AbuseIPDB links to middle aged men/loitering/also local link/ctag.net/obsessed with other mens wives/sending free gifts/obsessed to online stalking/unregulated
2019-04-11 23:16 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-11 21:42 abuse Email SpamHacking AbuseIPDB Apr 12 06:22:34 staklim-malang postfix/smtpd[25283]: lost connection after CONNECT from unknown[unknown] Apr 12 06:22:34 staklim-malang postfix/smtpd[
2019-04-09 23:26 attacks Port Scan AbuseIPDB Trying to connect to my Synology router
2019-04-03 08:58 attacks Hacking AbuseIPDB links to tampered dvrs/local hackers/traceability and tracking/and browser hackers tracking all products usually for tampering with/electronic devices
2019-03-13 22:09 attacks PhishingEmail Spam AbuseIPDB  
2019-03-13 08:49 attacks Fraud OrdersHackingIoT Targeted AbuseIPDB try lag locks/or outside our front door/female inside/tasering again/-dogs would be heard whilst out- anyone near door they go mad with barking/female
2019-03-06 08:36 malware Exploited Host AbuseIPDB My firewall is currently blocking activity from 3 PCs in my environment that are trying to contact something at this IP address. Malwarebytes and Eset
2019-03-06 05:09 attacks Fraud OrdersHackingIoT Targeted AbuseIPDB connected to fake delivery set up/91.195.240.126 pnet.net MX 0 localhost pnet.net NS ns1.sedoparking.com pnet.net NS ns2.sedoparking.com pnet.net SOA
2019-03-02 20:41 attacks PhishingHacking AbuseIPDB https://ransomwaretracker.abuse.ch/ip/91.195.240.126/
2019-02-12 03:07 attacks Hacking AbuseIPDB akamai.net parking perverts/local alb de lag locks -mostly related to neighbour -well trained slaves/runaround peoples propter during day and night pr
2019-02-16 15:34 attacks PhishingFraud VoIPOpen ProxyEmail Spam AbuseIPDB Wells Fargo Fraudulent spoofed scam emails asking private information sent from goohome.com = 91.195.240.126
2019-02-18 08:12 attacks HackingIoT Targeted AbuseIPDB likely NS 123 abroad links -plenty based out there/91.195.240.126 Web Server Location Germany Last Updated: Feb 18, 2019 Website and Web Server Inform
2019-02-21 01:44 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=34115 . dpt=80 . src=xx.xx.4.90 . dst=91.195.240.126 . (listed on abuseat-org zen-spamhaus) (475)
2019-02-27 06:40 attacks Hacking AbuseIPDB check the 123 owner of ISP/and staff/likely family related to neighbour -01.net A 91.195.240.126 01.net MX 0 localhost 01.net NS ns1.sedoparking.com 0
2019-02-27 22:40 attacks Hacking AbuseIPDB fake amazon suppliers/tampering with tvs/dvrs/freesats mobiles/set up fraud supplier/pretending to be amazon.co.uk/now known as amazonaws.com hacking
2019-02-27 23:13 attacks Hacking AbuseIPDB set up bar codes for tampered tvs/etc/via programmers/developers/etc/from uk/i.e. relatives abroad in Sedo/send back any bar codes/with combined capit
2019-03-29 18:18 malware Malware bambenek_c2 Bambenek Consulting  
2019-03-29 18:18 malware Malware bambenek_ramnit Bambenek Consulting  
2019-03-29 18:18 malware Malware bambenek_simda Bambenek Consulting  
2019-03-29 18:18 malware Malware bambenek_suppobox Bambenek Consulting  
2019-03-29 18:18 malware Malware bambenek_tinba Bambenek Consulting  
2019-03-29 18:23 organizations coinbl_hosts  
2019-03-29 18:23 organizations coinbl_hosts_browser  
2019-03-29 18:35 organizations hphosts_ats  
2019-03-29 18:35 malware Malware hphosts_emd hpHosts  
2019-03-29 18:35 reputation hphosts_fsa  
2019-03-29 18:35 reputation hphosts_pha  
2019-03-29 18:35 reputation hphosts_psh  
2019-03-29 18:42 malware Malware ransomware_feed  
2019-05-28 23:35 reputation hphosts_wrz  
2019-06-26 00:44 attacks Fraud VoIP voipbl VoIPBL.org  
2019-06-07 05:55 attacks Fraud OrdersEmail Spam ip-46.com  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 91.195.240.0 - 91.195.241.255
netname: SEDO-NET
descr: Sedo Domain Parking
descr: Im Mediapark 6b
descr: 50670 Koeln
country: DE
org: ORG-SA551-RIPE
sponsoring-org: ORG-IG16-RIPE
admin-c: JD10473-RIPE
tech-c: IXCW-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: IX1-MNT
created: 2007-10-25T09:36:24Z
last-modified: 2019-01-23T13:43:10Z
source: RIPE

organisation: ORG-SA551-RIPE
org-name: SEDO GmbH
remarks: SEDO-ORG
org-type: OTHER
address: Sedo GmbH
address: Im Mediapark 6
address: 50670 Koeln
abuse-c: IX26-RIPE
mnt-ref: IX1-MNT
mnt-by: IX1-MNT
created: 2007-10-08T16:10:11Z
last-modified: 2019-01-24T09:41:15Z
source: RIPE # Filtered

role: InterNetX Network Crew
address: InterNetX GmbH
address: Johanna-Dachs-Str. 55
address: D-93055 Regensburg
nic-hdl: IXCW-RIPE
phone: +49 941 59559 0
fax-no: +49 941 59579 051
abuse-mailbox: abuse@internetx.com
admin-c: MS4404-RIPE
admin-c: CS5299-RIPE
tech-c: MS4404-RIPE
tech-c: CS5299-RIPE
mnt-by: IX1-MNT
created: 2006-12-06T15:39:30Z
last-modified: 2018-02-14T09:53:42Z
source: RIPE # Filtered

person: Jaenecke Daniel
address: SEDO GmbH
address: Im Mediapark 6
address: 50670 Koeln
address: Deutschland
phone: +49 221 340 30-0
fax-no: +49 221 340 30 5280
nic-hdl: JD10473-RIPE
mnt-by: IX1-MNT
created: 2019-01-23T13:05:37Z
last-modified: 2019-01-23T13:05:37Z
source: RIPE # Filtered

route: 91.195.240.0/23
descr: SEDO GmbH
origin: AS47846
mnt-by: IX1-MNT
created: 2019-01-29T12:43:05Z
last-modified: 2019-01-29T12:43:05Z
source: RIPE
most specific ip range is highlighted
Updated : 2019-07-06