146.66.244.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Lleida Wifi Networks SL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 02:38:57

Comments on same subnet:

IP	Type	Details	Datetime
146.66.244.246	attack	Invalid user ubnt from 146.66.244.246 port 43390	2020-09-03 02:05:28
146.66.244.246	attack	Sep 1 11:57:45 server sshd[9434]: Invalid user jh from 146.66.244.246 port 53938 Sep 1 11:57:46 server sshd[9434]: Failed password for invalid user jh from 146.66.244.246 port 53938 ssh2 Sep 1 11:57:45 server sshd[9434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 Sep 1 11:57:45 server sshd[9434]: Invalid user jh from 146.66.244.246 port 53938 Sep 1 11:57:46 server sshd[9434]: Failed password for invalid user jh from 146.66.244.246 port 53938 ssh2 ...	2020-09-01 17:10:09
146.66.244.246	attackbotsspam	Time: Mon Aug 24 10:03:07 2020 +0000 IP: 146.66.244.246 (ES/Spain/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 24 09:58:46 vps1 sshd[10149]: Invalid user fabien from 146.66.244.246 port 59804 Aug 24 09:58:49 vps1 sshd[10149]: Failed password for invalid user fabien from 146.66.244.246 port 59804 ssh2 Aug 24 10:01:26 vps1 sshd[10519]: Invalid user library from 146.66.244.246 port 41962 Aug 24 10:01:28 vps1 sshd[10519]: Failed password for invalid user library from 146.66.244.246 port 41962 ssh2 Aug 24 10:03:05 vps1 sshd[10656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 user=root	2020-08-24 19:28:56
146.66.244.246	attack	2020-08-22T20:58:58.192128shield sshd\[17800\]: Invalid user progress from 146.66.244.246 port 50022 2020-08-22T20:58:58.201840shield sshd\[17800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 2020-08-22T20:59:00.919762shield sshd\[17800\]: Failed password for invalid user progress from 146.66.244.246 port 50022 ssh2 2020-08-22T21:02:38.043829shield sshd\[18562\]: Invalid user admin from 146.66.244.246 port 57208 2020-08-22T21:02:38.053353shield sshd\[18562\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246	2020-08-23 05:11:42
146.66.244.246	attackbotsspam	Aug 16 00:18:45 jane sshd[9078]: Failed password for root from 146.66.244.246 port 33264 ssh2 ...	2020-08-16 06:52:10
146.66.244.246	attack	"fail2ban match"	2020-08-12 03:19:10
146.66.244.246	attackbotsspam	2020-08-02T07:03:21.758606lavrinenko.info sshd[15578]: Invalid user 123nikanorov123 from 146.66.244.246 port 46376 2020-08-02T07:03:21.766860lavrinenko.info sshd[15578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 2020-08-02T07:03:21.758606lavrinenko.info sshd[15578]: Invalid user 123nikanorov123 from 146.66.244.246 port 46376 2020-08-02T07:03:23.925980lavrinenko.info sshd[15578]: Failed password for invalid user 123nikanorov123 from 146.66.244.246 port 46376 ssh2 2020-08-02T07:07:29.949396lavrinenko.info sshd[15780]: Invalid user caja30 from 146.66.244.246 port 58036 ...	2020-08-02 18:49:54
146.66.244.246	attackbotsspam	2020-07-27T05:54:31.980329sd-86998 sshd[10591]: Invalid user oliver from 146.66.244.246 port 40476 2020-07-27T05:54:31.982619sd-86998 sshd[10591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 2020-07-27T05:54:31.980329sd-86998 sshd[10591]: Invalid user oliver from 146.66.244.246 port 40476 2020-07-27T05:54:34.089822sd-86998 sshd[10591]: Failed password for invalid user oliver from 146.66.244.246 port 40476 ssh2 2020-07-27T05:57:06.423415sd-86998 sshd[10988]: Invalid user ashley from 146.66.244.246 port 54704 ...	2020-07-27 12:04:08
146.66.244.246	attackbotsspam	Jun 29 23:35:02 buvik sshd[16136]: Failed password for invalid user debora from 146.66.244.246 port 34190 ssh2 Jun 29 23:37:23 buvik sshd[16485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 user=root Jun 29 23:37:25 buvik sshd[16485]: Failed password for root from 146.66.244.246 port 43746 ssh2 ...	2020-06-30 09:09:15
146.66.244.246	attackspam	Jun 28 15:14:24 server sshd[11101]: Failed password for invalid user gituser from 146.66.244.246 port 37748 ssh2 Jun 28 15:17:48 server sshd[14386]: Failed password for root from 146.66.244.246 port 35894 ssh2 Jun 28 15:21:11 server sshd[17587]: Failed password for root from 146.66.244.246 port 34038 ssh2	2020-06-28 23:52:01
146.66.244.246	attackspambots	Jun 27 10:40:54 Tower sshd[11794]: Connection from 146.66.244.246 port 57590 on 192.168.10.220 port 22 rdomain "" Jun 27 10:40:55 Tower sshd[11794]: Failed password for root from 146.66.244.246 port 57590 ssh2 Jun 27 10:40:55 Tower sshd[11794]: Received disconnect from 146.66.244.246 port 57590:11: Bye Bye [preauth] Jun 27 10:40:55 Tower sshd[11794]: Disconnected from authenticating user root 146.66.244.246 port 57590 [preauth]	2020-06-28 00:07:52
146.66.244.246	attackspambots	Jun 21 15:14:37 scw-tender-jepsen sshd[19438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 Jun 21 15:14:38 scw-tender-jepsen sshd[19438]: Failed password for invalid user gitlab-runner from 146.66.244.246 port 54040 ssh2	2020-06-21 23:26:15
146.66.244.246	attack	Jun 16 14:31:37 lanister sshd[3875]: Invalid user vlad from 146.66.244.246 Jun 16 14:31:37 lanister sshd[3875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 Jun 16 14:31:37 lanister sshd[3875]: Invalid user vlad from 146.66.244.246 Jun 16 14:31:38 lanister sshd[3875]: Failed password for invalid user vlad from 146.66.244.246 port 59584 ssh2	2020-06-17 02:39:50
146.66.244.246	attackbots	Jun 15 11:47:20 dev0-dcde-rnet sshd[25908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 Jun 15 11:47:22 dev0-dcde-rnet sshd[25908]: Failed password for invalid user redis from 146.66.244.246 port 41242 ssh2 Jun 15 11:54:05 dev0-dcde-rnet sshd[26004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246	2020-06-15 18:42:32
146.66.244.246	attackbotsspam	2020-06-09T17:57:18.428275rocketchat.forhosting.nl sshd[10754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 2020-06-09T17:57:18.425906rocketchat.forhosting.nl sshd[10754]: Invalid user ts3user from 146.66.244.246 port 59012 2020-06-09T17:57:21.073272rocketchat.forhosting.nl sshd[10754]: Failed password for invalid user ts3user from 146.66.244.246 port 59012 ssh2 ...	2020-06-10 00:30:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 146.66.244.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48706
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;146.66.244.2.			IN	A

;; AUTHORITY SECTION:
.			249	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 02:38:53 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 2.244.66.146.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 2.244.66.146.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.137.48.70	attackspambots	unauthorized connection attempt	2020-02-10 19:31:10
213.14.112.92	attack	Feb 10 11:39:56 web8 sshd\[13986\]: Invalid user zds from 213.14.112.92 Feb 10 11:39:56 web8 sshd\[13986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.14.112.92 Feb 10 11:39:58 web8 sshd\[13986\]: Failed password for invalid user zds from 213.14.112.92 port 39368 ssh2 Feb 10 11:42:58 web8 sshd\[15456\]: Invalid user jeg from 213.14.112.92 Feb 10 11:42:58 web8 sshd\[15456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.14.112.92	2020-02-10 19:54:17
185.220.100.255	attackspam	Unauthorized access detected from black listed ip!	2020-02-10 19:38:51
125.124.85.140	attack	$f2bV_matches	2020-02-10 19:33:45
41.76.168.167	attackbotsspam	1581310231 - 02/10/2020 05:50:31 Host: 41.76.168.167/41.76.168.167 Port: 445 TCP Blocked	2020-02-10 19:20:45
222.186.175.212	attackbots	Feb 10 12:10:35 h2177944 sshd\[2010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root Feb 10 12:10:36 h2177944 sshd\[2010\]: Failed password for root from 222.186.175.212 port 58370 ssh2 Feb 10 12:10:40 h2177944 sshd\[2010\]: Failed password for root from 222.186.175.212 port 58370 ssh2 Feb 10 12:10:43 h2177944 sshd\[2010\]: Failed password for root from 222.186.175.212 port 58370 ssh2 ...	2020-02-10 19:15:23
137.74.241.223	spam	Used by e.ieremie@htlstp.at for SPAM, PHISHING and SCAM on STOLLEN list we don't know, as usual with LIERS and ROBERS !	2020-02-10 19:26:58
49.235.90.120	attackspam	Feb 10 09:52:32 ns382633 sshd\[7787\]: Invalid user sfj from 49.235.90.120 port 52512 Feb 10 09:52:32 ns382633 sshd\[7787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.90.120 Feb 10 09:52:34 ns382633 sshd\[7787\]: Failed password for invalid user sfj from 49.235.90.120 port 52512 ssh2 Feb 10 10:09:01 ns382633 sshd\[10487\]: Invalid user obr from 49.235.90.120 port 45092 Feb 10 10:09:01 ns382633 sshd\[10487\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.90.120	2020-02-10 19:14:49
189.146.121.201	attack	Honeypot attack, port: 81, PTR: dsl-189-146-121-201-dyn.prod-infinitum.com.mx.	2020-02-10 19:43:06
61.223.65.133	attackspambots	unauthorized connection attempt	2020-02-10 19:27:49
36.232.127.227	attackspambots	unauthorized connection attempt	2020-02-10 19:24:36
182.254.242.248	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 19:47:38
14.239.193.12	attackbotsspam	1581310241 - 02/10/2020 05:50:41 Host: 14.239.193.12/14.239.193.12 Port: 445 TCP Blocked	2020-02-10 19:13:02
185.53.88.125	attackspam	Port Scan detected from 185.53.88.125 (NL/Netherlands/-). 4 hits in the last 200 seconds	2020-02-10 19:42:48
49.234.27.151	attack	1 have jailkit run with 5 retry ssh login. and this IP is not come from my network. so exactly this is brute force atack, please report and block this ip Thanks	2020-02-10 19:18:31

Recently Reported IPs

143.202.164.1	126.52.240.58	53.13.68.154	143.192.97.1
217.206.185.154	69.63.254.19	92.156.251.123	16.125.159.80
220.137.9.173	158.161.168.208	143.0.164.1	222.69.168.141
34.35.85.140	117.208.126.88	175.180.221.163	137.184.61.242
79.192.183.207	60.96.91.109	175.169.87.115	15.244.204.242