54.38.139.210 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Repeated brute force against a port	2020-10-14 00:55:15
attack	Oct 13 07:45:38 plex-server sshd[1011892]: Invalid user seikom from 54.38.139.210 port 36282 Oct 13 07:45:38 plex-server sshd[1011892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 Oct 13 07:45:38 plex-server sshd[1011892]: Invalid user seikom from 54.38.139.210 port 36282 Oct 13 07:45:40 plex-server sshd[1011892]: Failed password for invalid user seikom from 54.38.139.210 port 36282 ssh2 Oct 13 07:49:20 plex-server sshd[1013388]: Invalid user steven from 54.38.139.210 port 41138 ...	2020-10-13 16:05:40
attackspam	Oct 12 23:00:16 pve1 sshd[2595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 Oct 12 23:00:19 pve1 sshd[2595]: Failed password for invalid user dumitru from 54.38.139.210 port 35854 ssh2 ...	2020-10-13 08:40:28
attack	Sep 26 17:52:38 rotator sshd\[7604\]: Address 54.38.139.210 maps to ip-54-38-139.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 26 17:52:39 rotator sshd\[7604\]: Failed password for root from 54.38.139.210 port 43808 ssh2Sep 26 17:56:46 rotator sshd\[8382\]: Address 54.38.139.210 maps to ip-54-38-139.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 26 17:56:46 rotator sshd\[8382\]: Invalid user micha from 54.38.139.210Sep 26 17:56:48 rotator sshd\[8382\]: Failed password for invalid user micha from 54.38.139.210 port 53120 ssh2Sep 26 18:00:48 rotator sshd\[9167\]: Address 54.38.139.210 maps to ip-54-38-139.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 26 18:00:48 rotator sshd\[9167\]: Invalid user ftp from 54.38.139.210 ...	2020-09-27 04:22:07
attackbots	Triggered by Fail2Ban at Ares web server	2020-09-26 20:30:07
attack	Sep 26 04:26:52 rotator sshd\[8728\]: Address 54.38.139.210 maps to ip-54-38-139.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 26 04:26:52 rotator sshd\[8728\]: Invalid user sinus from 54.38.139.210Sep 26 04:26:54 rotator sshd\[8728\]: Failed password for invalid user sinus from 54.38.139.210 port 36948 ssh2Sep 26 04:31:05 rotator sshd\[9513\]: Address 54.38.139.210 maps to ip-54-38-139.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 26 04:31:05 rotator sshd\[9513\]: Invalid user david from 54.38.139.210Sep 26 04:31:07 rotator sshd\[9513\]: Failed password for invalid user david from 54.38.139.210 port 47342 ssh2 ...	2020-09-26 12:13:23
attackbotsspam	Invalid user ifp from 54.38.139.210 port 40122	2020-09-05 23:04:19
attack	Brute-force attempt banned	2020-09-05 07:17:42
attack	(sshd) Failed SSH login from 54.38.139.210 (PL/Poland/ip-54-38-139.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 29 15:22:53 s1 sshd[22982]: Invalid user postgres from 54.38.139.210 port 43516 Aug 29 15:22:56 s1 sshd[22982]: Failed password for invalid user postgres from 54.38.139.210 port 43516 ssh2 Aug 29 15:37:51 s1 sshd[23558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 user=root Aug 29 15:37:53 s1 sshd[23558]: Failed password for root from 54.38.139.210 port 56736 ssh2 Aug 29 15:41:52 s1 sshd[23715]: Invalid user oracle from 54.38.139.210 port 34964	2020-08-30 00:35:33
attackbots	SSH Brute-Forcing (server2)	2020-08-05 05:43:49
attackspambots	2020-08-03T21:26:32.532490shield sshd\[29831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 user=root 2020-08-03T21:26:34.904261shield sshd\[29831\]: Failed password for root from 54.38.139.210 port 51776 ssh2 2020-08-03T21:30:39.561434shield sshd\[30334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 user=root 2020-08-03T21:30:41.832828shield sshd\[30334\]: Failed password for root from 54.38.139.210 port 36062 ssh2 2020-08-03T21:34:48.694992shield sshd\[31163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 user=root	2020-08-04 07:49:28
attack	[ssh] SSH attack	2020-07-31 02:39:50
attackspam	Jul 25 03:33:58 webhost01 sshd[11282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 Jul 25 03:34:00 webhost01 sshd[11282]: Failed password for invalid user abb from 54.38.139.210 port 46022 ssh2 ...	2020-07-25 04:37:09
attackbots	Jul 16 10:28:14 ift sshd\[65375\]: Invalid user demo from 54.38.139.210Jul 16 10:28:15 ift sshd\[65375\]: Failed password for invalid user demo from 54.38.139.210 port 34782 ssh2Jul 16 10:32:24 ift sshd\[1316\]: Invalid user mariann from 54.38.139.210Jul 16 10:32:26 ift sshd\[1316\]: Failed password for invalid user mariann from 54.38.139.210 port 48516 ssh2Jul 16 10:36:41 ift sshd\[2246\]: Invalid user angelina from 54.38.139.210 ...	2020-07-16 15:52:36
attack	2020-07-11T08:39:46+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-11 14:46:57
attack	2020-07-04T05:10:17.765600ks3355764 sshd[6889]: Invalid user xuyf from 54.38.139.210 port 54740 2020-07-04T05:10:19.589490ks3355764 sshd[6889]: Failed password for invalid user xuyf from 54.38.139.210 port 54740 ssh2 ...	2020-07-04 11:15:18
attackspam	prod6 ...	2020-06-29 07:37:53
attackspam	Jun 24 23:04:41 dignus sshd[10866]: Failed password for invalid user test_user from 54.38.139.210 port 49094 ssh2 Jun 24 23:07:58 dignus sshd[11127]: Invalid user csgoserver from 54.38.139.210 port 47524 Jun 24 23:07:58 dignus sshd[11127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 Jun 24 23:08:00 dignus sshd[11127]: Failed password for invalid user csgoserver from 54.38.139.210 port 47524 ssh2 Jun 24 23:11:21 dignus sshd[11409]: Invalid user ftpuser from 54.38.139.210 port 45952 ...	2020-06-25 14:47:33
attackbots	Jun 24 14:05:01 vmd48417 sshd[31829]: Failed password for root from 54.38.139.210 port 39454 ssh2	2020-06-25 01:15:21
attackspambots	Jun 13 14:21:57 onepixel sshd[784633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 Jun 13 14:21:57 onepixel sshd[784633]: Invalid user xy from 54.38.139.210 port 39530 Jun 13 14:22:00 onepixel sshd[784633]: Failed password for invalid user xy from 54.38.139.210 port 39530 ssh2 Jun 13 14:25:37 onepixel sshd[785116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 user=root Jun 13 14:25:39 onepixel sshd[785116]: Failed password for root from 54.38.139.210 port 41588 ssh2	2020-06-14 00:06:34
attackbots	May 20 01:04:22 ajax sshd[2244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 May 20 01:04:24 ajax sshd[2244]: Failed password for invalid user lis from 54.38.139.210 port 35532 ssh2	2020-05-20 08:36:29
attackspam	2020-05-19 20:47:51,063 fail2ban.actions [937]: NOTICE [sshd] Ban 54.38.139.210 2020-05-19 21:23:42,906 fail2ban.actions [937]: NOTICE [sshd] Ban 54.38.139.210 2020-05-19 21:58:58,203 fail2ban.actions [937]: NOTICE [sshd] Ban 54.38.139.210 2020-05-19 22:34:03,598 fail2ban.actions [937]: NOTICE [sshd] Ban 54.38.139.210 2020-05-19 23:09:35,755 fail2ban.actions [937]: NOTICE [sshd] Ban 54.38.139.210 ...	2020-05-20 05:24:31
attackbotsspam	Invalid user nita from 54.38.139.210 port 51944	2020-05-03 16:57:26
attack	Apr 28 14:50:11 prox sshd[9439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 Apr 28 14:50:13 prox sshd[9439]: Failed password for invalid user sistema from 54.38.139.210 port 54720 ssh2	2020-04-28 22:04:59
attackbots	detected by Fail2Ban	2020-04-27 00:04:42
attackbotsspam	2020-04-25T21:27:11.388410abusebot-7.cloudsearch.cf sshd[6634]: Invalid user ramya from 54.38.139.210 port 53174 2020-04-25T21:27:11.396634abusebot-7.cloudsearch.cf sshd[6634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 2020-04-25T21:27:11.388410abusebot-7.cloudsearch.cf sshd[6634]: Invalid user ramya from 54.38.139.210 port 53174 2020-04-25T21:27:13.592674abusebot-7.cloudsearch.cf sshd[6634]: Failed password for invalid user ramya from 54.38.139.210 port 53174 ssh2 2020-04-25T21:35:51.719237abusebot-7.cloudsearch.cf sshd[7253]: Invalid user pipo from 54.38.139.210 port 42948 2020-04-25T21:35:51.724593abusebot-7.cloudsearch.cf sshd[7253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 2020-04-25T21:35:51.719237abusebot-7.cloudsearch.cf sshd[7253]: Invalid user pipo from 54.38.139.210 port 42948 2020-04-25T21:35:52.972272abusebot-7.cloudsearch.cf sshd[7253]: Failed password ...	2020-04-26 05:47:07
attackbotsspam	Apr 21 00:23:11 NPSTNNYC01T sshd[17028]: Failed password for root from 54.38.139.210 port 34376 ssh2 Apr 21 00:27:09 NPSTNNYC01T sshd[17220]: Failed password for root from 54.38.139.210 port 43408 ssh2 Apr 21 00:31:06 NPSTNNYC01T sshd[17402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.139.210 ...	2020-04-21 13:36:24
attackspambots	Apr 20 09:02:12 sshd\[16945\]: Invalid user admin from 54.38.139.210Apr 20 09:02:14 sshd\[16945\]: Failed password for invalid user admin from 54.38.139.210 port 58782 ssh2 ...	2020-04-20 15:43:27
attack	$f2bV_matches	2020-04-12 05:20:14
attackbots	B: Abusive ssh attack	2020-04-06 19:47:50

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.38.139.210
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32024
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.38.139.210.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121902 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 13:08:21 CST 2019
;; MSG SIZE  rcvd: 117

Host info

210.139.38.54.in-addr.arpa domain name pointer ip-54-38-139.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
210.139.38.54.in-addr.arpa	name = ip-54-38-139.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.96.49.189	attackbots	Jan 1 11:51:12 firewall sshd[23580]: Invalid user william from 190.96.49.189 Jan 1 11:51:14 firewall sshd[23580]: Failed password for invalid user william from 190.96.49.189 port 41166 ssh2 Jan 1 11:56:56 firewall sshd[23635]: Invalid user tend from 190.96.49.189 ...	2020-01-01 23:14:26
14.176.88.68	attackbotsspam	1577859739 - 01/01/2020 07:22:19 Host: 14.176.88.68/14.176.88.68 Port: 445 TCP Blocked	2020-01-01 22:37:54
222.186.52.189	attackspambots	Jan 1 15:59:02 ns37 sshd[8213]: Failed password for root from 222.186.52.189 port 24628 ssh2 Jan 1 15:59:02 ns37 sshd[8213]: Failed password for root from 222.186.52.189 port 24628 ssh2 Jan 1 15:59:03 ns37 sshd[8213]: Failed password for root from 222.186.52.189 port 24628 ssh2	2020-01-01 23:00:15
49.234.68.13	attack	" "	2020-01-01 23:13:58
113.221.88.39	attackbotsspam	Scanning	2020-01-01 22:52:39
139.199.100.81	attack	$f2bV_matches	2020-01-01 22:45:40
188.213.165.47	attack	Jan 1 14:51:19 solowordpress sshd[10181]: Invalid user alixandria from 188.213.165.47 port 34972 ...	2020-01-01 22:48:09
122.165.187.114	attackspam	Jan 1 14:48:25 vps691689 sshd[12796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.187.114 Jan 1 14:48:26 vps691689 sshd[12796]: Failed password for invalid user Abcd@12345 from 122.165.187.114 port 50244 ssh2 Jan 1 14:52:54 vps691689 sshd[12858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.187.114 ...	2020-01-01 22:39:25
118.139.224.92	attackspam	01/01/2020-07:22:14.835088 118.139.224.92 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-01 22:39:53
36.81.138.52	attack	1577859711 - 01/01/2020 07:21:51 Host: 36.81.138.52/36.81.138.52 Port: 445 TCP Blocked	2020-01-01 22:56:08
31.184.177.6	attackbots	$f2bV_matches	2020-01-01 22:46:10
218.92.0.168	attack	Jan 1 10:14:10 plusreed sshd[12573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Jan 1 10:14:12 plusreed sshd[12573]: Failed password for root from 218.92.0.168 port 47489 ssh2 ...	2020-01-01 23:16:22
180.245.206.173	attackbotsspam	Unauthorized connection attempt detected from IP address 180.245.206.173 to port 445	2020-01-01 22:33:15
91.123.70.209	attackspam	Unauthorized connection attempt detected from IP address 91.123.70.209 to port 5555	2020-01-01 22:42:48
125.164.15.46	attack	1577890482 - 01/01/2020 15:54:42 Host: 125.164.15.46/125.164.15.46 Port: 445 TCP Blocked	2020-01-01 23:05:56

Recently Reported IPs

40.92.11.86	194.33.45.204	103.3.59.154	91.233.46.44
167.86.119.71	63.149.177.58	113.88.165.21	40.92.10.60
223.216.134.248	188.255.125.124	113.179.150.42	106.58.220.87
116.239.104.216	187.162.117.141	117.0.59.86	44.143.157.244
113.104.243.206	48.212.229.93	129.73.92.195	143.78.43.188