Loading...

91.224.160.192 is in Group, Netherlands

91.224.160.192 is known for brute force, DDOS, directory harvest, DNS cache poisoning, firewall alert, hacking, malware, port scanning.

The report has been created on May 25, 2017 09:25:29
The IP address 91.224.160.192 belongs to Bergdorf Group Ltd. ISP in Group (Zuid-Holland, 11), Netherlands (51.7862014771 and 4.43769979477). The hostname is 91.224.160.192.
Netherlands (Kingdom of the Netherlands, NLD) is a High income: OECD country in Europe & Central Asia. The currency is Euro.
As of May 25, 2017 09:25:29 we have 47 complaint(s) about 91.224.160.192. Based on our records, the 91.224.160.192 has been involved in brute force, DDOS, directory harvest, DNS cache poisoning, firewall alert, hacking, malware, port scanning, etc.

91.224.160.192

IP Address Country:  Netherlands (NL)
IP Address Region:11 Zuid-Holland
IP Address City:Group
IP Postal Code
IP Address Area Code0
IP Metro Code0
IP Address Latitude:51.7862014771
IP Address Longitude:4.43769979477
IP Address ISP: Bergdorf Group Ltd.
Organisation:
IP Address Proxy:
IP Address Host:91.224.160.192
Map is loading...

If 91.224.160.192 is causing you trouble (doing SPAM, brute-force, DOS attack, phishing, or other fraud), you can report the abuser right here!



We have 47 complaints about 91.224.160.192


Anonymous user from 83.84.168.14 in Netherlands
>2 months agolooking for .git file access - in Directory Harvest
"Netherlands Amsterdam Bergdorf Group Ltd IP address 91.224.160.116 is canning for .git directories on my webserver.
This has happened a few times now and i'm clueless what they are searching for."

Anonymous user from 217.85.53.24 in Germany
>2 months agoBrute Force atac on German Wesite - in Brute Force
"The IP 91.224.160.212 is trying to get into a typo3-website now for more than one month. What kind of provider is this?"

Anonymous user from 91.40.140.203 in Germany
>3 months agoBruteForce Attacks on Typo3 Backend - in Brute Force
"Trying to login to the Typo3 Backend for a couple of weeks now.
Every 4 hours 4-6 attacks trying bruteforce for password."

Anonymous user from 145.131.234.170 in Netherlands
>3 months agoNetwork Treats attempt to connect - in Firewall Alert
"Suspicious IP 91.224.160.214 attempted to connect to <server>. Second time today. Earlier today 91.224.160.214 and 91.224.160.37 tried to connect to our servers."

Anonymous user from 204.191.22.21 in Canada
>3 months agoNetwork Treats attempt to connect - in Firewall Alert
"Trying to connect to our Server destroying our server, Snicking behind internet to remote in. Their IP address was familiar and we don't have any connection either business transaction to them. "

Anonymous user from 5.10.41.164 in Germany
>3 months agoAttack on Typo3 Backend - in Brute Force
"From this ip we have for several days every 3 to 4 hours attempts to login with admin, admin123 or similar user."

Anonymous user from 82.74.123.246 in Netherlands
>3 months agoBrute force ssh - in Brute Force
"The IP 91.224.160.108 has just been banned by Fail2Ban after
3 attempts against ssh.

The Ip is trying to gain access trough ssh.

"

Anonymous user from 80.145.47.230 in Germany
>3 months agoAttack on TYPO3 - in Brute Force
"It is trying different admins accounts (like admin, adminstrator, admin123, all don't exist) on my TYPO3 backend. Very bad! "

Anonymous user from 78.49.254.23 in Germany
>3 months agoWebsite Adminstration Attacks - in Brute Force
"Since about a week trying to bruteforce some not existing accounts on our TYPO3 backend.
Well, being blacklisted doesn't make it easier. :P"

Anonymous user from 72.49.217.69 in United States
>4 months agoBergdorf-Group - in Brute Force
"They have a wide range of IP addresses. Keep hammering us from 91.224.160.131. IP is blocked but WTF, don't these folks have something better to do than to keep trying to poke us in the orifice with their junk, over and over? How about an airstrike, NATO?"

Anonymous user from 68.83.190.33 in United States
>4 months agoTrying to access my personal NAS - in Firewall Alert
"Trying to access my personal NAS. Trying to access my personal NAS. Trying to access my personal NAS. Trying to access my personal NAS"

Anonymous user from 80.156.207.26 in Germany
>4 months agoWebsite Adminstration Attacks - in Brute Force
"got Login attack since 2 days for my website backend from IP 91.224.160.212 - STOP THAT! Or can anybody help me?"

Anonymous user from 86.87.233.128 in Netherlands
>4 months agoBrute force attacks - in Brute Force
"Reoccurring brute force login attacks from this IP address. Shows up as a bad IP attempting to login to my web servers repeatedly."

Anonymous user from 188.195.127.164 in Germany
>4 months agoSSH Bruteforce - in Brute Force
"Got attack yesterday by 91.224.161.88 and today by 91.224.160.108. Both was an SSH Bruteforce and the addresses got blocked after a few retrys."

Anonymous user from 83.8.194.37 in Poland
>6 months agoBrute force - in Brute Force
"From past 3 days brute force attacks for SSH service from this IP. Banned by Fail2Ban. Attacks are repeated despite SSH having secured key and 2-ways authentication for certain users only."

Anonymous user from 85.253.99.55 in Estonia
>6 months agoMany brute force attempts - in Brute Force
"
Bergdorf Group Ltd is, after some investigation this shady company : http://www.3nt.com/
3NT Solutions LLP, DALTON HOUSE 60, WINDSOR AVENUE, LONDON, SW19 2RR

Proof :
https://companycheck.co.uk/director/915904261/BERGDORF-GROUP-LTD/companies"

Anonymous user from 77.47.32.67 in Germany
>7 months agoSSH Brute Force on Synology Router - in Brute Force
"Intrusion Prevention has blocked the Network attack :-)
F*ck to the Bergdorf Group Ldt !
F*ck to the Bergdorf Group Ldt !
"

Anonymous user from 95.111.0.131 in Bulgaria
>7 months agoSSH brute force - in Brute Force
"Repeatedly tries to brute-force over SSH.
I see this is already mentioned many times below.
These guys should be taken down and soon."

Anonymous user from 84.194.203.96 in Belgium
>7 months agobrute force attack with SSH on synology nas - in Brute Force
"We had abrute force attack with SSH on synology nas with company data. Attack was blocked true the nas defence system."

Anonymous user from 87.94.14.36 in Finland
>9 months agotrying to attack the server - in Brute Force
"trying bruteforce to access the server trying bruteforce to access the server trying bruteforce to access the server trying bruteforce to access the server"
>9 months agoddos atack - in DDOS
"hi
I have a several attacks from this IP
I don't know what to do
please check this IP for me"

Anonymous user from 104.6.25.32 in
>9 months agoAttempted access into my network - in Firewall Alert
"This IP and several associated are attempting to gain entry into my network but have so far been blocked by the firewall."
>10 months agoCracker Hole - in Brute Force
"Trying to bust in with ssh. Trying to log in with "test' "admin' "root" accounts. Tries every couple of seconds."

Anonymous user from 95.91.204.244 in Germany
>10 months agoSSH Brute Force - in Brute Force
".........................
Trying to get into the SSH service - Fail2Ban message.
1 PM, 20.07.2016

root access is blocked, they were not able to get into the system :D
.........................
"

Anonymous user from 24.91.16.212 in United States
>10 months agoBrute force with SSH with user "admin" - in Brute Force
"attempts to ssh into admin account detected by my home server; they are blocked. eff these guys. someone should take them down."

Anonymous user from 212.56.155.164 in Malta
>10 months agotrying to connect via SSH with user 'root' - in Brute Force
"They're trying to connect via SSH with user 'root'. Good thing 'root' isn't allowed to connect via SSH, so they're getting blocked every time. "

Anonymous user from 78.55.12.195 in Germany
>10 months agoTrying brute force with root user - in Brute Force
"They're trying to connect via SSH with user 'root'. Good thing 'root' isn't allowed to connect via SSH, so they're getting blocked every time. "

Anonymous user from 122.176.87.183 in India
>11 months agohacking - in Firewall Alert
"they are try to log on our network of hundred times may i know why this happens again and again "

Anonymous user from 41.138.243.150 in Kenya
>11 months agoBrute Force attack - in Brute Force
"jun/06/2016 18:51:13 system,error,critical login failure for user user from 91.224.160.10 via ssh
jun/06/2016 18:51:14 system,error,critical login failure for user user from 91.224.160.10 via ssh
jun/06/2016 18:51:21 system,error,critical login failure "

Anonymous user from 88.159.52.202 in Netherlands
>1 year agotrying to login on port 22 synology nas - in Brute Force
"This IP address 91.224.160.49 has tried to login on my synology NAS on port 22. Firewall automatically blocked this IP."

Anonymous user from 73.239.72.228 in United States
>1 year agoMultiple Attempts To Breach WP Admin (IP 91.224.160.120) - in Brute Force
"Made three attempts to log into WP Admin as administrator, but months ago we, (a) changed the admin login URL to something long and obscure, and (b) set an option in WordFence (security plugin) to block any probes for the admin login URL."
>1 year ago91.224.160.25 Bergdorf Group, Ltd - in Firewall Alert
"Frequent attempts blocked by my firewall. As many as 10 per day. I have no business at all with this outfit."

Anonymous user from 110.143.95.194 in Australia
>1 year agoattempt to get into my website account - in Hacking
"This IP address: 91.224.160.25 attempts to get into my corporate wordpress website account nearly every day!!! I have been getting logs that the maximum number of attempts has been reached for a month now - all from this IP address!"

Anonymous user from 171.96.184.231 in Thailand
>1 year agoAttempts To Login to Admin - in Brute Force
"Attempts made to login to the admin area of a website of mine - IP auto blocked after 3 attempts."
>1 year agoBrute Force - in Brute Force
"This IP has been brute force attacking my website for the past hour. Currently I have already logged 33 failed attempts."

Anonymous user from 79.229.205.129 in Germany
>1 year agoHacker - in Brute Force
"Trying to brute-force into systems on our server obviously bot or user whos trying to get into systems .. .."

Anonymous user from 201.253.136.150 in Argentina
>2 years agoThey hacked our website - in Hacking
"They hacked our website. They think they are a big thing damaging small companies.

Here are there known numbers

+44 20 81333030
+501 622 0011"
>4 years agooutgoing data to this ip - in Malware
"ATTACKS ARE OUTGOING TO THIS IP FROM MALware from the program azureus and are consistently outgoing around every 3-5 min malewarbytes reported this action to me and is so consistanly doing a full security scan for maleware rootkits viruses worms etc"
>4 years agooutgoing data to this ip - in Malware
"ATTACKS ARE OUTGOING TO THIS IP FROM MALware from the program azureus and are consistently outgoing around every 3-5 min malewarbytes reported this action to me and is so consistanly doing a full security scan for maleware rootkits viruses worms etc"

Anonymous user from 70.80.199.16 in Canada
>4 years agoWordpress attack??? - in Brute Force
"A host, 91.224.160.35(you can check the host at http://ip-adress.com/ip_tracer/91.224.160.35) has been locked out of the WordPress site at http://decibase.com until Sunday, November 4th, 2012 at 4:04:09 pm UTC due to too many login attempts. You may login to the site to manually release the lock if necessary."

Anonymous user from 58.96.37.81 in Australia
>4 years agoComplaint about 91.224.160.192 - in Firewall Alert
"This and several others are constantly being blocked (for what I can see) by Malwarebytes, and antivirus I have very little knowledge of computers and I do not know what it does or how to remove it, I have had several scans with different antimalware programs, cannot detect this or any other, I do know that they steal information etc."

Anonymous user from 75.139.58.176 in United States
>4 years agoMalicious - in Port Scanning
"Plain and simple, this IP needs to be blocked from access outside of it's local ISP. It is malicious and does not deserve access to the Internet."

Anonymous user from 2.216.238.59 in
>4 years agokeylogging - in Brute Force
"Hijacked my Hotmail email info now using azureus to open ports for outward bound try to get info back on key logging not sure if it has corrupted my csrss.exe file as yet "
>4 years agoKeeps on tring to access my pc - in Malware
"Same thing as last guy - Malwharebites constantly blocks this IP address on my pc. Use the same program. im getting anoyed of the constant attack!"
>5 years agoBlocking - in Malware
"Malwharebites constantly blocks this IP address on my pc. I'm not sure what its agenda is, but I'm sick of it trying to access my pc."

Anonymous user from 98.246.40.84 in United States
>5 years agoDNS Cache Poisoning - in DNS Cache Poisoning
"91.224.160.192 Attempted DNS Cache Poisoning. Also attempted to hack google mail and redirect facebook to false lookalike site. Fuck them"

Anonymous user from 195.191.165.5 in Netherlands
>5 years agoKnown for several bad things - in Malware
"Malawarebytes has blocked this many times and upon looking up IP found this info as this IP hosted by bergdorf group:

Bergdorf Group is a well known malicious internet operation who appeared on the Scam Alert Radar by the end of 2010. Botnet operations reached a peak during April 2011 under the hospices Altus Host with 1250 hits on a single domain in less than 32 hours.

Bergdorf Group is apparently moving around between hosting providers and registrars. Recent countries involved in the provision of services to Bergdorf Group includes the Netherlands, Germany, United Kingdom, British Virgin Islands, Cocos (Keeling) Islands, Latvia, India, Pakistan and lately Serbia.

The most prominent service provider for Bergdorf Group during the past 12 months is Altus Host, who apparently do not enforce their policies or is only concerned about abusive behavior towards their own customers."

WHOIS for 91.224.160.192

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.224.160.0 - 91.224.161.255'

inetnum: 91.224.160.0 - 91.224.161.255
netname: Bergdorf-network
descr: Bergdorf Group Ltd.
country: NL
org: ORG-BGL9-RIPE
admin-c: AJ2256-RIPE
tech-c: AJ2256-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: AINT-MNT
mnt-routes: AINT-MNT
mnt-domains: AINT-MNT
source: RIPE # Filtered

organisation: ORG-BGL9-RIPE
org-name: Bergdorf Group Ltd.
org-type: other
address: 3A Little Denmark Complex, 147 Main Street, PO Box 4473, Road Town, Torola, British Virgin Islands VG1110
admin-c: AJ2256-RIPE
tech-c: AJ2256-RIPE
mnt-ref: AINT-MNT
mnt-by: AINT-MNT
source: RIPE # Filtered

person: Agnes Jouaneau
address: A Little Denmark Complex, 147 Main Street, PO Box 4473
address: Road Town, Torola, VG1110
address: British Virgin Islands
phone: +44 20 81333030
fax-no: +44 20 81333030
abuse-mailbox: abuse@bergdorf-group.com
nic-hdl: AJ2256-RIPE
mnt-by: aint-mnt
source: RIPE # Filtered

% Information related to '91.224.160.0/23AS51430'

route: 91.224.160.0/23
descr: Bergdorf Group Ltd.
origin: AS51430
mnt-by: AINT-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.6.9 (WHOIS1)

Abusing IP Addresses from the same C block

IP AddressAbuseComplaints
91.224.160.10 complaints
91.224.160.106 complaints
91.224.160.108 complaints
91.224.160.131 complaints
91.224.160.135brute force:2 complaints
91.224.160.141brute force:1 complaints
91.224.160.154 complaints
91.224.160.184 complaints
91.224.160.212 complaints
91.224.160.222brute force:1 complaints
91.224.160.25 complaints
91.224.160.35brute force:FTP hacking:3 complaints
91.224.160.4spam:1 complaints
91.224.160.47 complaints
91.224.160.48 complaints
91.224.160.51 complaints
91.224.160.52 complaints
91.224.160.54 complaints
91.224.160.58 complaints
91.224.160.59 complaints
91.224.160.70 complaints

Other Brute Force, DDOS, Directory Harvest, DNS Cache Poisoning, Firewall Alert, Hacking, Malware, Port Scanning Complaints

7 days  ago United States209.18.47.61"DoS service attack and tcp-udp port scan from this ip address "
13 days  ago United States216.52.1.12"Port scans"
13 days  ago Ireland46.51.177.110"Has tried unsuccessfully to log into server many times"
14 days  ago United States155.94.88.18"Netgear Modem reports a single entry port scan from this IP"
15 days  ago Pakistan175.110.233.214"Attempted unauthorised remote server login"
16 days  ago France195.154.182.176"One attempt at port probe advised by Netgear Modem."
16 days  ago United States68.105.28.11"Port Scanning - 68.105.28.11:53"
16 days  ago Philippines119.92.189.67"Phishing, Paypal, Xoom and Skype scammers"
17 days  ago Germany217.86.243.141"Frequent port scanning for several weeks now "
19 days  ago Taiwan, Province Of China114.41.30.197"1.164.198.72"