54.36.148.222 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	mue-Direct access to plugin not allowed	2020-02-21 07:31:05
attack	Automatic report - Web App Attack	2019-06-25 21:58:48

Comments on same subnet:

IP	Type	Details	Datetime
54.36.148.143	attack	Automatic report - Banned IP Access	2020-09-08 22:20:04
54.36.148.143	attack	Automatic report - Banned IP Access	2020-09-08 14:10:00
54.36.148.143	attack	Automatic report - Banned IP Access	2020-09-08 06:40:41
54.36.148.79	attackbots	/dev	2020-09-04 20:58:31
54.36.148.79	attackspambots	/dev	2020-09-04 12:38:05
54.36.148.79	attackbots	/dev	2020-09-04 05:07:50
54.36.148.241	attackbotsspam	Web bot scraping website [bot:ahrefs]	2020-08-09 21:58:23
54.36.148.236	attack	Bad Web Bot (AhrefsBot).	2020-08-09 02:05:40
54.36.148.250	attackspambots	caw-Joomla User : try to access forms...	2020-08-01 18:04:55
54.36.148.196	attack	Automatic report - Banned IP Access	2020-07-24 23:21:37
54.36.148.22	attack	Automatic report - Banned IP Access	2020-07-24 18:46:22
54.36.148.244	attack	Bad Web Bot (AhrefsBot).	2020-07-19 12:50:28
54.36.148.132	attack	2020-06-27T12:17:07.000Z [f2b-nginxBotsNoClick] Bot not following robots.txt rules. User-Agent: "Mozilla/5.0 (compatible; AhrefsBot/6.1; +http://ahrefs.com/robot/)"	2020-06-28 01:40:43
54.36.148.134	attack	Automatic report - Banned IP Access	2020-06-25 19:22:25
54.36.148.95	attackspam	Automatic report - Banned IP Access	2020-06-25 00:32:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.36.148.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37353
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.36.148.222.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 21:58:39 CST 2019
;; MSG SIZE  rcvd: 117

Host info

222.148.36.54.in-addr.arpa domain name pointer ip-54-36-148-222.a.ahrefs.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
222.148.36.54.in-addr.arpa	name = ip-54-36-148-222.a.ahrefs.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.132.81	attack	Oct 7 14:28:29 localhost sshd\[13753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.81 user=root Oct 7 14:28:30 localhost sshd\[13753\]: Failed password for root from 106.12.132.81 port 45461 ssh2 Oct 7 14:32:20 localhost sshd\[14254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.81 user=root	2019-10-08 01:28:33
185.176.27.54	attackspam	firewall-block, port(s): 18184/tcp, 18185/tcp, 18186/tcp, 53494/tcp, 53495/tcp, 53496/tcp	2019-10-08 01:53:08
106.12.17.169	attack	Oct 7 15:09:36 sshgateway sshd\[10204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.169 user=root Oct 7 15:09:38 sshgateway sshd\[10204\]: Failed password for root from 106.12.17.169 port 40436 ssh2 Oct 7 15:14:27 sshgateway sshd\[10221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.169 user=root	2019-10-08 01:41:03
37.143.130.124	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-08 01:21:57
114.67.225.36	attack	Oct 7 20:24:05 www sshd\[55478\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.225.36 user=root Oct 7 20:24:07 www sshd\[55478\]: Failed password for root from 114.67.225.36 port 39042 ssh2 Oct 7 20:28:37 www sshd\[55493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.225.36 user=root ...	2019-10-08 01:43:22
37.120.217.85	attack	Automatic report - XMLRPC Attack	2019-10-08 01:23:20
147.91.199.116	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-08 01:32:50
190.64.141.18	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-10-08 01:48:49
117.50.25.196	attackbots	Oct 07 09:39:40 askasleikir sshd[248236]: Failed password for root from 117.50.25.196 port 35836 ssh2	2019-10-08 01:42:00
206.41.186.46	attack	Automatic report - Banned IP Access	2019-10-08 01:50:18
2400:6180:0:d0::514:4001	attack	C1,WP GET /suche/wp-login.php	2019-10-08 01:16:28
80.211.116.102	attackspam	Oct 7 13:04:51 unicornsoft sshd\[23567\]: User root from 80.211.116.102 not allowed because not listed in AllowUsers Oct 7 13:04:51 unicornsoft sshd\[23567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.116.102 user=root Oct 7 13:04:53 unicornsoft sshd\[23567\]: Failed password for invalid user root from 80.211.116.102 port 54003 ssh2	2019-10-08 01:48:03
46.38.144.202	attackspam	Oct 7 17:30:38 heicom postfix/smtpd\[32443\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:33:08 heicom postfix/smtpd\[32443\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:35:37 heicom postfix/smtpd\[32443\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:38:07 heicom postfix/smtpd\[30277\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: authentication failure Oct 7 17:40:37 heicom postfix/smtpd\[32443\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: authentication failure ...	2019-10-08 01:42:52
106.13.175.210	attackbotsspam	Oct 7 19:01:26 vps647732 sshd[7960]: Failed password for root from 106.13.175.210 port 58780 ssh2 ...	2019-10-08 01:18:50
151.80.144.39	attackspam	Automatic report - Banned IP Access	2019-10-08 01:37:17

Recently Reported IPs

110.174.25.163	12.87.154.106	154.51.227.198	122.101.60.204
241.71.203.178	192.229.234.192	111.197.88.9	84.119.22.173
226.29.5.24	86.127.233.30	127.7.106.65	96.230.199.243
114.26.198.136	182.41.1.78	165.22.249.42	83.240.219.234
211.133.198.235	160.156.133.89	23.250.63.70	207.46.200.12