JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.220.99.244

31.220.99.244 was found in our database!

This IP was reported 195 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS40021
Hostname(s)	ip-244-99-220-31.static.contabo.net
Domain Name	contabo.com
Country	🇺🇸 United States of America
City	Orangeburg, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.220.99.244

Whois 31.220.99.244

IP Abuse Reports for 31.220.99.244:

This IP address has been reported a total of 195 times from 155 distinct sources. 31.220.99.244 was first reported on November 17th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SiyCah	2026-06-13 06:00:09 (1 week ago)	31.220.99.244 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time ... show more 31.220.99.244 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time wasted: 2s. Total bytes sent by tarpit: 218B. Report generated by Endlessh Report Generator v1.2.3 show less	Brute-Force Port Scan SSH Hacking
🇩🇪 SiyCah	2026-06-12 06:00:07 (1 week ago)	31.220.99.244 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time ... show more 31.220.99.244 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time wasted: 2s. Total bytes sent by tarpit: 218B. Report generated by Endlessh Report Generator v1.2.3 show less	Brute-Force Port Scan SSH Hacking
🇨🇦 Luhte	2026-06-11 19:25:25 (1 week ago)	Unsolicited TCP connection from 31.220.99.244 to port 0 at 2026-06-11T19:25:25Z. Source IP completed ... show more Unsolicited TCP connection from 31.220.99.244 to port 0 at 2026-06-11T19:25:25Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇺🇸 sargetun	2026-06-10 11:00:27 (1 week ago)	Honeypot: Auto-ban: 24 hour idle after honeypot interaction. Auto-reported from VPS honeypot.	Brute-Force SSH Hacking
🇩🇪 SiyCah	2026-06-10 06:00:06 (1 week ago)	31.220.99.244 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time ... show more 31.220.99.244 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time wasted: 2s. Total bytes sent by tarpit: 218B. Report generated by Endlessh Report Generator v1.2.3 show less	Brute-Force Port Scan SSH Hacking
🇨🇭 SOC [GOLINE SA]	2026-06-10 04:11:46 (1 week ago)	IDS Alert: ET SCAN Suspicious inbound to mySQL port 3306 === ATTACK === Signature: ET SCAN Suspiciou ... show more IDS Alert: ET SCAN Suspicious inbound to mySQL port 3306 === ATTACK === Signature: ET SCAN Suspicious inbound to mySQL port 3306 \| SID: 2010937 \| Severity: 2 \| Category: Potentially Bad Traffic === SOURCE === IP: 31.220.99.244 (IPv4) \| Port: 53572 \| Country: United States \| ISP: TT-20230217 \| rDNS: ip-244-99-220-31.static.contabo.net === TARGET === Host: wireguard.goline.ch \| IP: 185.54.80.7 \| Port: 3306 \| Protocol: TCP \| App: N/A === RESPONSE === Time: 2026-06-10 06:11:46 \| Action: Blocked show less	SQL Injection Web App Attack
🇩🇪 phil2k	2026-06-10 00:56:08 (1 week ago)	Firewall: Within 2026-06-09 10:26:36 - 2026-06-09 10:26:36 CEST(+0200) identified: unallowed access ... show more Firewall: Within 2026-06-09 10:26:36 - 2026-06-09 10:26:36 CEST(+0200) identified: unallowed access from 31.220.99.244 on port 3306(<DB>) (1 trial) Fail2ban: Within 2026-06-09 10:26:36 - 2026-06-09 10:26:36 CEST(+0200) banned: 1 times by fail2ban[firewall] show less	Port Scan Brute-Force
🇺🇸 NetGuard	2026-06-09 13:16:38 (1 week ago)	#honeypot #netguard247 #dionaea #networkexploit Captured by NetGuard 24/7 T-Pot honeypot (netguard24 ... show more #honeypot #netguard247 #dionaea #networkexploit Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-06-09T13:16:38.687+00:00 Attacker IP: 31.220.99.244 \| Port: 3306 \| Country: United States Honeypot: dionaea \| Attack: network_exploit Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Hacking SQL Injection Web App Attack
🇺🇸 drewf.ink	2026-06-09 13:09:07 (1 week ago)	[13:09] Port scanning. Port(s) scanned: TCP/3306	Port Scan
🇫🇷 bazter.pro	2026-06-09 13:07:22 (1 week ago)	Auto-Ban [2026-06-09 16:07:13]: CRITICAL: High-score datacenter (100% AbuseIPDB, Contabo GmbH); DC: ... show more Auto-Ban [2026-06-09 16:07:13]: CRITICAL: High-score datacenter (100% AbuseIPDB, Contabo GmbH); DC: Contabo GmbH [Paths: 7] \| Details: 404 errors (7): /agent/timeclock.php, /elision-dialer/agent/timeclock.php?referrer=welcome, /hottrix-dialer/agent/timeclock.php, /agc/timeclock.php?referrer=welcome, /agent/timeclock.php?referrer=welcome, /elision-dialer/agent/timeclock.php, /agc/timeclock.php show less	Web App Attack
🇨🇭 NV	2026-06-09 13:04:47 (1 week ago)	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.99.24 ... show more pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.99.244 user=root Failed password for root from 31.220.99.244 port 34862 ssh2 show less	Brute-Force SSH
Anonymous	2026-06-09 12:56:56 (1 week ago)	31.220.99.244 - - [09/Jun/2026:14:56:54 +0200] "GET /agc/timeclock.php?referrer=welcome HTTP/1.1" 40 ... show more 31.220.99.244 - - [09/Jun/2026:14:56:54 +0200] "GET /agc/timeclock.php?referrer=welcome HTTP/1.1" 400 248 "-" "Mozilla/5.0" 31.220.99.244 - - [09/Jun/2026:14:56:54 +0200] "GET /elision-dialer/agent/timeclock.php HTTP/1.1" 400 248 "-" "Mozilla/5.0" 31.220.99.244 - - [09/Jun/2026:14:56:55 +0200] "GET /hottrix-dialer/agent/timeclock.php HTTP/1.1" 400 248 "-" "Mozilla/5.0" 31.220.99.244 - - [09/Jun/2026:14:56:55 +0200] "GET /elision-dialer/agent/timeclock.php?referrer=welcome HTTP/1.1" 400 248 "-" "Mozilla/5.0" 31.220.99.244 - - [09/Jun/2026:14:56:55 +0200] "GET /agent/timeclock.php?referrer=welcome HTTP/1.1" 400 248 "-" "Mozilla/5.0" ... show less	Web App Attack
🇦🇹 begou.dev	2026-06-09 12:22:22 (1 week ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/3306	Port Scan
🇸🇬 drewf.ink	2026-06-09 12:03:14 (1 week ago)	[12:03] Port scanning. Port(s) scanned: TCP/3306	Port Scan
🇺🇸 3rdKey	2026-06-09 11:46:03 (1 week ago)	OpenCanary honeypot hit on port 3306 (no legitimate service runs there); logtype 8001. Automated rep ... show more OpenCanary honeypot hit on port 3306 (no legitimate service runs there); logtype 8001. Automated report. show less	Port Scan Hacking

Showing 1 to 15 of 195 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.205

🇬🇧 195.96.139.86

🇺🇸 104.223.6.190

🇬🇧 104.218.164.192

🇧🇷 45.205.1.76

🇺🇸 199.195.254.215

🇧🇷 179.183.114.175

🇮🇳 128.185.231.6

🇬🇧 104.218.164.117

🇺🇸 104.207.47.232

🇮🇳 103.158.40.65

🇷🇴 80.94.92.186

🇧🇬 78.128.113.46

🇺🇸 66.132.186.128

🇺🇸 34.24.116.237

🇨🇳 1.25.105.237

🇨🇴 108.174.156.122

🇺🇸 104.207.47.188

🇺🇸 104.207.42.126

🇭🇺 91.120.86.108