138.201.54.140

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.201.54.59	attackspam	138.201.54.59 - - \[23/Nov/2019:14:21:10 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.201.54.59 - - \[23/Nov/2019:14:21:11 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-24 03:37:49
138.201.54.59	attackbots	138.201.54.59 - - \[23/Oct/2019:03:58:51 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.201.54.59 - - \[23/Oct/2019:03:58:51 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-10-23 12:10:04

Type

Details

Datetime

138.201.54.59

attackspam

138.201.54.59 - - \[23/Nov/2019:14:21:10 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
138.201.54.59 - - \[23/Nov/2019:14:21:11 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...

2019-11-24 03:37:49

138.201.54.59

attackbots

138.201.54.59 - - \[23/Oct/2019:03:58:51 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
138.201.54.59 - - \[23/Oct/2019:03:58:51 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...

2019-10-23 12:10:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.201.54.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47577
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.201.54.140.			IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 12:29:29 CST 2022
;; MSG SIZE  rcvd: 107

Host info

140.54.201.138.in-addr.arpa domain name pointer server2.desgate.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.54.201.138.in-addr.arpa	name = server2.desgate.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.248.211.180	attack	2019-08-31T04:43:44.493982centos sshd\[17000\]: Invalid user sun from 104.248.211.180 port 47276 2019-08-31T04:43:44.501546centos sshd\[17000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.211.180 2019-08-31T04:43:46.672189centos sshd\[17000\]: Failed password for invalid user sun from 104.248.211.180 port 47276 ssh2	2019-08-31 10:51:30
198.52.8.158	attackbotsspam	2019/08/31 03:37:57 [error] 2015#2015: 1400 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 198.52.8.158, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" 2019/08/31 03:37:57 [error] 2015#2015: 1402 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 198.52.8.158, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" ...	2019-08-31 11:28:06
1.209.171.64	attackspam	2019-08-24T00:55:50.471818wiz-ks3 sshd[11225]: Invalid user email from 1.209.171.64 port 33180 2019-08-24T00:55:50.473882wiz-ks3 sshd[11225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.209.171.64 2019-08-24T00:55:50.471818wiz-ks3 sshd[11225]: Invalid user email from 1.209.171.64 port 33180 2019-08-24T00:55:52.935240wiz-ks3 sshd[11225]: Failed password for invalid user email from 1.209.171.64 port 33180 ssh2 2019-08-24T01:01:29.339409wiz-ks3 sshd[11282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.209.171.64 user=root 2019-08-24T01:01:31.339602wiz-ks3 sshd[11282]: Failed password for root from 1.209.171.64 port 51292 ssh2 2019-08-24T01:07:27.667967wiz-ks3 sshd[11318]: Invalid user pavel from 1.209.171.64 port 40824 2019-08-24T01:07:27.669993wiz-ks3 sshd[11318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.209.171.64 2019-08-24T01:07:27.667967wiz-ks3 sshd[11318]: Invalid use	2019-08-31 11:25:41
159.65.236.58	attackspam	Aug 31 01:57:38 *** sshd[14014]: Invalid user vagrant from 159.65.236.58	2019-08-31 11:36:21
193.70.85.206	attackspambots	Aug 31 04:42:08 v22019058497090703 sshd[29974]: Failed password for root from 193.70.85.206 port 41071 ssh2 Aug 31 04:46:25 v22019058497090703 sshd[30351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.85.206 Aug 31 04:46:27 v22019058497090703 sshd[30351]: Failed password for invalid user imarks from 193.70.85.206 port 34887 ssh2 ...	2019-08-31 11:26:08
94.177.173.75	attack	Aug 31 04:40:06 root sshd[8372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.173.75 Aug 31 04:40:08 root sshd[8372]: Failed password for invalid user smmsp from 94.177.173.75 port 33472 ssh2 Aug 31 04:44:16 root sshd[8463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.173.75 ...	2019-08-31 11:19:50
104.236.246.16	attackbots	Aug 31 04:41:25 server sshd[7690]: Failed password for invalid user test from 104.236.246.16 port 46084 ssh2 Aug 31 04:46:38 server sshd[8988]: Failed password for invalid user hduser from 104.236.246.16 port 33246 ssh2 Aug 31 04:52:53 server sshd[10433]: Failed password for invalid user admin from 104.236.246.16 port 48642 ssh2	2019-08-31 11:08:42
94.42.178.137	attackbots	Aug 31 06:01:01 www sshd\[14396\]: Invalid user administrador from 94.42.178.137Aug 31 06:01:04 www sshd\[14396\]: Failed password for invalid user administrador from 94.42.178.137 port 49212 ssh2Aug 31 06:06:25 www sshd\[14444\]: Invalid user zte from 94.42.178.137Aug 31 06:06:27 www sshd\[14444\]: Failed password for invalid user zte from 94.42.178.137 port 43318 ssh2 ...	2019-08-31 11:20:23
206.189.59.227	attackspambots	Aug 31 04:39:33 v22019058497090703 sshd[29788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.59.227 Aug 31 04:39:35 v22019058497090703 sshd[29788]: Failed password for invalid user hvisage from 206.189.59.227 port 44316 ssh2 Aug 31 04:43:21 v22019058497090703 sshd[30106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.59.227 ...	2019-08-31 10:57:58
91.215.198.25	attackbotsspam	[portscan] Port scan	2019-08-31 11:28:35
62.12.115.116	attackspambots	Aug 31 03:38:06 h2177944 sshd\[23500\]: Failed password for invalid user vncuser from 62.12.115.116 port 44314 ssh2 Aug 31 04:38:27 h2177944 sshd\[25605\]: Invalid user ubuntu from 62.12.115.116 port 39684 Aug 31 04:38:27 h2177944 sshd\[25605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.12.115.116 Aug 31 04:38:29 h2177944 sshd\[25605\]: Failed password for invalid user ubuntu from 62.12.115.116 port 39684 ssh2 ...	2019-08-31 11:24:36
24.210.199.30	attackspam	Aug 31 04:53:02 vps647732 sshd[25796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.210.199.30 Aug 31 04:53:04 vps647732 sshd[25796]: Failed password for invalid user petre from 24.210.199.30 port 39526 ssh2 ...	2019-08-31 11:12:25
159.65.12.204	attack	Aug 31 05:37:23 taivassalofi sshd[244459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.12.204 Aug 31 05:37:25 taivassalofi sshd[244459]: Failed password for invalid user hub from 159.65.12.204 port 44836 ssh2 ...	2019-08-31 10:54:27
141.98.9.195	attackbots	Aug 31 05:24:40 relay postfix/smtpd\[23733\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 05:24:57 relay postfix/smtpd\[30067\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 05:25:48 relay postfix/smtpd\[31478\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 05:26:05 relay postfix/smtpd\[30068\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 05:26:56 relay postfix/smtpd\[23733\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-31 11:29:03
107.170.172.23	attackspam	Fail2Ban - SSH Bruteforce Attempt	2019-08-31 11:14:39

Recently Reported IPs

138.201.51.201	138.201.54.115	138.201.55.117	138.201.54.42
163.206.64.158	138.201.55.161	138.201.55.85	138.201.51.234
138.201.56.94	138.201.56.56	138.201.57.34	138.201.58.58
138.201.60.79	138.201.61.20	138.201.60.243	138.201.62.170
138.201.62.173	138.201.61.73	138.201.63.14	138.201.64.132