54.36.148.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Banned IP Access	2019-09-10 13:49:07

Comments on same subnet:

IP	Type	Details	Datetime
54.36.148.143	attack	Automatic report - Banned IP Access	2020-09-08 22:20:04
54.36.148.143	attack	Automatic report - Banned IP Access	2020-09-08 14:10:00
54.36.148.143	attack	Automatic report - Banned IP Access	2020-09-08 06:40:41
54.36.148.79	attackbots	/dev	2020-09-04 20:58:31
54.36.148.79	attackspambots	/dev	2020-09-04 12:38:05
54.36.148.79	attackbots	/dev	2020-09-04 05:07:50
54.36.148.241	attackbotsspam	Web bot scraping website [bot:ahrefs]	2020-08-09 21:58:23
54.36.148.236	attack	Bad Web Bot (AhrefsBot).	2020-08-09 02:05:40
54.36.148.250	attackspambots	caw-Joomla User : try to access forms...	2020-08-01 18:04:55
54.36.148.196	attack	Automatic report - Banned IP Access	2020-07-24 23:21:37
54.36.148.22	attack	Automatic report - Banned IP Access	2020-07-24 18:46:22
54.36.148.244	attack	Bad Web Bot (AhrefsBot).	2020-07-19 12:50:28
54.36.148.132	attack	2020-06-27T12:17:07.000Z [f2b-nginxBotsNoClick] Bot not following robots.txt rules. User-Agent: "Mozilla/5.0 (compatible; AhrefsBot/6.1; +http://ahrefs.com/robot/)"	2020-06-28 01:40:43
54.36.148.134	attack	Automatic report - Banned IP Access	2020-06-25 19:22:25
54.36.148.95	attackspam	Automatic report - Banned IP Access	2020-06-25 00:32:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.36.148.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27178
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.36.148.12.			IN	A

;; AUTHORITY SECTION:
.			2031	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091000 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 10 13:48:59 CST 2019
;; MSG SIZE  rcvd: 116

Host info

12.148.36.54.in-addr.arpa domain name pointer ip-54-36-148-12.a.ahrefs.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
12.148.36.54.in-addr.arpa	name = ip-54-36-148-12.a.ahrefs.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.190.34.122	attackbots	" "	2019-10-18 21:04:21
37.203.108.102	attackbots	37.203.108.102 - - [18/Oct/2019:07:44:00 -0400] "GET /?page=../../../../../../etc/passwd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16774 "https://exitdevice.com/?page=../../../../../../etc/passwd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-18 20:47:38
157.230.57.112	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-18 21:14:27
212.237.26.114	attack	Oct 18 12:43:40 localhost sshd\[117918\]: Invalid user pty from 212.237.26.114 port 50410 Oct 18 12:43:40 localhost sshd\[117918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.26.114 Oct 18 12:43:42 localhost sshd\[117918\]: Failed password for invalid user pty from 212.237.26.114 port 50410 ssh2 Oct 18 12:47:38 localhost sshd\[118021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.26.114 user=root Oct 18 12:47:40 localhost sshd\[118021\]: Failed password for root from 212.237.26.114 port 60640 ssh2 ...	2019-10-18 21:01:51
5.135.179.178	attack	SSH Brute-Force reported by Fail2Ban	2019-10-18 21:07:25
118.24.108.196	attack	Oct 18 15:38:06 microserver sshd[10367]: Invalid user jg from 118.24.108.196 port 39482 Oct 18 15:38:06 microserver sshd[10367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.108.196 Oct 18 15:38:08 microserver sshd[10367]: Failed password for invalid user jg from 118.24.108.196 port 39482 ssh2 Oct 18 15:43:26 microserver sshd[11042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.108.196 user=mysql Oct 18 15:43:28 microserver sshd[11042]: Failed password for mysql from 118.24.108.196 port 48664 ssh2 Oct 18 15:57:47 microserver sshd[12994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.108.196 user=root Oct 18 15:57:48 microserver sshd[12994]: Failed password for root from 118.24.108.196 port 47882 ssh2 Oct 18 16:02:37 microserver sshd[13669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.108.196 user=root Oct 18 1	2019-10-18 21:17:14
81.22.45.65	attackspam	2019-10-18T14:53:53.831952+02:00 lumpi kernel: [1225640.276358] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=18556 PROTO=TCP SPT=42765 DPT=15796 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-18 20:59:29
101.255.52.171	attack	2019-10-18T13:03:56.131045abusebot-5.cloudsearch.cf sshd\[20335\]: Invalid user taspberry from 101.255.52.171 port 54608	2019-10-18 21:05:43
140.143.53.145	attackbots	Oct 18 07:43:56 Tower sshd[9949]: Connection from 140.143.53.145 port 43100 on 192.168.10.220 port 22 Oct 18 07:43:58 Tower sshd[9949]: Failed password for root from 140.143.53.145 port 43100 ssh2 Oct 18 07:43:58 Tower sshd[9949]: Received disconnect from 140.143.53.145 port 43100:11: Bye Bye [preauth] Oct 18 07:43:58 Tower sshd[9949]: Disconnected from authenticating user root 140.143.53.145 port 43100 [preauth]	2019-10-18 20:51:43
165.22.182.168	attackspambots	Oct 18 14:35:28 eventyay sshd[3310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.182.168 Oct 18 14:35:30 eventyay sshd[3310]: Failed password for invalid user spartan117 from 165.22.182.168 port 44862 ssh2 Oct 18 14:39:00 eventyay sshd[3374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.182.168 ...	2019-10-18 20:44:07
164.132.195.231	attack	164.132.195.231 - - [18/Oct/2019:13:43:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.195.231 - - [18/Oct/2019:13:43:54 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.195.231 - - [18/Oct/2019:13:43:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.195.231 - - [18/Oct/2019:13:43:55 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.195.231 - - [18/Oct/2019:13:43:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.195.231 - - [18/Oct/2019:13:43:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" .	2019-10-18 20:55:44
202.5.36.56	attack	Oct 18 13:26:17 apollo sshd\[3727\]: Invalid user hill from 202.5.36.56Oct 18 13:26:19 apollo sshd\[3727\]: Failed password for invalid user hill from 202.5.36.56 port 59560 ssh2Oct 18 13:43:34 apollo sshd\[3766\]: Failed password for root from 202.5.36.56 port 49644 ssh2 ...	2019-10-18 21:10:24
217.182.206.141	attackspambots	Oct 18 01:40:05 php1 sshd\[20725\]: Invalid user carol from 217.182.206.141 Oct 18 01:40:05 php1 sshd\[20725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.ip-217-182-206.eu Oct 18 01:40:07 php1 sshd\[20725\]: Failed password for invalid user carol from 217.182.206.141 port 35392 ssh2 Oct 18 01:44:01 php1 sshd\[21080\]: Invalid user password123 from 217.182.206.141 Oct 18 01:44:01 php1 sshd\[21080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.ip-217-182-206.eu	2019-10-18 20:49:25
200.11.150.238	attack	Invalid user ftpuser from 200.11.150.238 port 53192	2019-10-18 20:37:43
211.161.102.167	attack	Oct 18 12:33:23 localhost sshd\[117638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.161.102.167 user=root Oct 18 12:33:25 localhost sshd\[117638\]: Failed password for root from 211.161.102.167 port 65295 ssh2 Oct 18 12:33:28 localhost sshd\[117638\]: Failed password for root from 211.161.102.167 port 65295 ssh2 Oct 18 12:33:30 localhost sshd\[117638\]: Failed password for root from 211.161.102.167 port 65295 ssh2 Oct 18 12:33:32 localhost sshd\[117638\]: Failed password for root from 211.161.102.167 port 65295 ssh2 ...	2019-10-18 20:50:43

Recently Reported IPs

37.52.9.243	138.68.208.196	227.124.147.27	207.103.216.159
161.68.25.223	191.7.200.174	116.29.138.120	216.10.245.172
3.0.184.211	147.213.180.237	121.44.14.232	126.115.53.160
27.52.203.46	189.10.97.147	159.203.203.123	46.119.114.88
187.44.58.3	45.153.66.224	103.48.232.123	185.162.235.71