46.99.10.244 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Albania

Internet Service Provider: iPKO Telecommunications LLC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 2 14:11:25 debian-2gb-nbg1-2 kernel: \[18628761.405506\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=46.99.10.244 DST=195.201.40.59 LEN=187 TOS=0x00 PREC=0x00 TTL=115 ID=14932 PROTO=UDP SPT=51981 DPT=51455 LEN=167	2020-08-02 22:41:04

Type

Details

Datetime

attack

Aug  2 14:11:25 debian-2gb-nbg1-2 kernel: \[18628761.405506\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=46.99.10.244 DST=195.201.40.59 LEN=187 TOS=0x00 PREC=0x00 TTL=115 ID=14932 PROTO=UDP SPT=51981 DPT=51455 LEN=167

2020-08-02 22:41:04

Comments on same subnet:

IP	Type	Details	Datetime
46.99.104.104	attackbotsspam	Sat, 20 Jul 2019 21:56:29 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 07:55:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.99.10.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29830
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.99.10.244.			IN	A

;; AUTHORITY SECTION:
.			118	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080200 1800 900 604800 86400

;; Query time: 875 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 02 22:40:56 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 244.10.99.46.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 244.10.99.46.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.2.208	attack	DATE:2020-07-06 14:59:39, IP:157.230.2.208, PORT:ssh SSH brute force auth (docker-dc)	2020-07-06 23:00:01
51.91.100.109	attackspambots	Jul 6 16:06:03 h1745522 sshd[20157]: Invalid user csadmin from 51.91.100.109 port 58798 Jul 6 16:06:03 h1745522 sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.100.109 Jul 6 16:06:03 h1745522 sshd[20157]: Invalid user csadmin from 51.91.100.109 port 58798 Jul 6 16:06:05 h1745522 sshd[20157]: Failed password for invalid user csadmin from 51.91.100.109 port 58798 ssh2 Jul 6 16:09:11 h1745522 sshd[20419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.100.109 user=root Jul 6 16:09:13 h1745522 sshd[20419]: Failed password for root from 51.91.100.109 port 55724 ssh2 Jul 6 16:12:19 h1745522 sshd[20681]: Invalid user tempo from 51.91.100.109 port 52638 Jul 6 16:12:19 h1745522 sshd[20681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.100.109 Jul 6 16:12:19 h1745522 sshd[20681]: Invalid user tempo from 51.91.100.109 port 52638 Jul ...	2020-07-06 22:37:45
213.32.112.31	attackbotsspam	TCP (SYN,ACK) 213.32.112.31:2302 -> port 39075, len 44	2020-07-06 23:04:51
202.202.217.76	attackspam	scans 4 times in preceeding hours on the ports (in chronological order) 5683 8883 5683 1883	2020-07-06 23:06:26
83.18.149.38	attackbotsspam	Jul 6 14:14:30 localhost sshd[54943]: Invalid user sales from 83.18.149.38 port 36244 Jul 6 14:14:30 localhost sshd[54943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=azt38.internetdsl.tpnet.pl Jul 6 14:14:30 localhost sshd[54943]: Invalid user sales from 83.18.149.38 port 36244 Jul 6 14:14:31 localhost sshd[54943]: Failed password for invalid user sales from 83.18.149.38 port 36244 ssh2 Jul 6 14:20:02 localhost sshd[55622]: Invalid user wildfly from 83.18.149.38 port 35451 ...	2020-07-06 22:37:23
222.186.30.57	attackspam	Unauthorized connection attempt detected from IP address 222.186.30.57 to port 22	2020-07-06 22:53:14
202.158.123.42	attackbotsspam	$f2bV_matches	2020-07-06 22:32:08
49.235.213.234	attackbotsspam	Jul 6 17:11:58 pkdns2 sshd\[16947\]: Failed password for root from 49.235.213.234 port 43148 ssh2Jul 6 17:14:56 pkdns2 sshd\[17094\]: Invalid user bol from 49.235.213.234Jul 6 17:14:58 pkdns2 sshd\[17094\]: Failed password for invalid user bol from 49.235.213.234 port 44018 ssh2Jul 6 17:18:05 pkdns2 sshd\[17287\]: Invalid user aliyun from 49.235.213.234Jul 6 17:18:07 pkdns2 sshd\[17287\]: Failed password for invalid user aliyun from 49.235.213.234 port 44894 ssh2Jul 6 17:21:00 pkdns2 sshd\[17453\]: Invalid user aldo from 49.235.213.234 ...	2020-07-06 22:41:48
118.36.234.144	attack	Jul 6 15:00:51 vps333114 sshd[31291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.234.144 Jul 6 15:00:53 vps333114 sshd[31291]: Failed password for invalid user pmb from 118.36.234.144 port 54575 ssh2 ...	2020-07-06 22:47:16
157.245.211.120	attack	Jul 6 14:55:39 lnxmysql61 sshd[8522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.211.120 Jul 6 14:55:39 lnxmysql61 sshd[8522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.211.120	2020-07-06 22:48:38
45.9.47.66	attack	45.9.47.66 - - [06/Jul/2020:15:14:24 +0100] "POST /wp-login.php HTTP/1.1" 200 5618 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 45.9.47.66 - - [06/Jul/2020:15:24:51 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 45.9.47.66 - - [06/Jul/2020:15:24:51 +0100] "POST /wp-login.php HTTP/1.1" 200 5611 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-07-06 22:44:18
45.138.74.217	attackspam		2020-07-06 22:47:35
62.36.20.208	attackbotsspam		2020-07-06 22:45:58
87.197.154.176	attack	$f2bV_matches	2020-07-06 22:54:51
104.248.181.156	attack	2020-07-06T14:55:13.525898shield sshd\[30207\]: Invalid user julio from 104.248.181.156 port 45864 2020-07-06T14:55:13.529465shield sshd\[30207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156 2020-07-06T14:55:15.608139shield sshd\[30207\]: Failed password for invalid user julio from 104.248.181.156 port 45864 ssh2 2020-07-06T14:57:02.384763shield sshd\[31109\]: Invalid user gast from 104.248.181.156 port 44446 2020-07-06T14:57:02.388426shield sshd\[31109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156	2020-07-06 23:02:33

Recently Reported IPs

189.41.213.160	37.6.106.187	34.190.222.103	82.177.126.99
160.251.188.71	141.36.147.216	37.49.230.71	2.13.131.234
174.187.74.12	125.189.211.13	171.147.187.125	161.83.150.112
176.12.101.88	223.231.229.186	123.149.204.225	213.255.41.156
103.7.21.41	216.204.243.117	110.82.58.72	51.14.107.255