54.38.159.141 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
54.38.159.106	attackbots	Aug 1 00:37:43 mail.srvfarm.net postfix/smtpd[735936]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 00:37:43 mail.srvfarm.net postfix/smtpd[735936]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Aug 1 00:39:11 mail.srvfarm.net postfix/smtpd[735936]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 00:39:11 mail.srvfarm.net postfix/smtpd[735936]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Aug 1 00:41:38 mail.srvfarm.net postfix/smtpd[737273]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 1 00:41:38 mail.srvfarm.net postfix/smtpd[737273]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106]	2020-08-01 07:16:57
54.38.159.106	attackbots	(smtpauth) Failed SMTP AUTH login from 54.38.159.106 (DE/Germany/vps-d3fc4ca1.vps.ovh.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-30 13:31:22 login authenticator failed for vps-d3fc4ca1.vps.ovh.net (USER) [54.38.159.106]: 535 Incorrect authentication data (set_id=contact@sepasajir.com)	2020-07-30 18:18:31
54.38.159.106	attackspambots	Jul 27 17:44:48 mail.srvfarm.net postfix/smtpd[1956381]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 17:44:48 mail.srvfarm.net postfix/smtpd[1956381]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Jul 27 17:46:19 mail.srvfarm.net postfix/smtpd[1956377]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 17:46:19 mail.srvfarm.net postfix/smtpd[1956377]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Jul 27 17:48:49 mail.srvfarm.net postfix/smtpd[1956381]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 17:48:49 mail.srvfarm.net postfix/smtpd[1956381]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106]	2020-07-28 01:05:18
54.38.159.106	attack	(smtpauth) Failed SMTP AUTH login from 54.38.159.106 (DE/Germany/vps-d3fc4ca1.vps.ovh.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-26 12:00:24 login authenticator failed for vps-d3fc4ca1.vps.ovh.net (USER) [54.38.159.106]: 535 Incorrect authentication data (set_id=postmaster@sepasajir.com)	2020-07-26 18:05:59
54.38.159.106	attackspam	Jul 25 05:12:45 mail.srvfarm.net postfix/smtpd[366536]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 25 05:12:45 mail.srvfarm.net postfix/smtpd[366536]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Jul 25 05:14:15 mail.srvfarm.net postfix/smtpd[351345]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 25 05:14:15 mail.srvfarm.net postfix/smtpd[351345]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Jul 25 05:16:44 mail.srvfarm.net postfix/smtpd[351345]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-25 15:10:31
54.38.159.106	attackbots	Lines containing failures of 54.38.159.106 2020-07-20 10:46:17 dovecot_login authenticator failed for vps-d3fc4ca1.vps.ovh.net (USER) [54.38.159.106]: 535 Incorrect authentication data (set_id=cumplmsameargaasta193) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.38.159.106	2020-07-25 01:33:06
54.38.159.106	attackspam	(smtpauth) Failed SMTP AUTH login from 54.38.159.106 (DE/Germany/vps-d3fc4ca1.vps.ovh.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-23 11:25:41 login authenticator failed for vps-d3fc4ca1.vps.ovh.net (USER) [54.38.159.106]: 535 Incorrect authentication data (set_id=info@sepasajir.com)	2020-07-23 18:40:23
54.38.159.106	attackbotsspam	Jul 22 22:47:13 mail.srvfarm.net postfix/smtpd[1067647]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 22 22:47:13 mail.srvfarm.net postfix/smtpd[1067647]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Jul 22 22:48:41 mail.srvfarm.net postfix/smtpd[1068582]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 22 22:48:41 mail.srvfarm.net postfix/smtpd[1068582]: lost connection after AUTH from vps-d3fc4ca1.vps.ovh.net[54.38.159.106] Jul 22 22:51:06 mail.srvfarm.net postfix/smtpd[1067643]: warning: vps-d3fc4ca1.vps.ovh.net[54.38.159.106]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-23 06:01:50
54.38.159.56	attackbots	Jun 29 13:25:57 h2779839 sshd[29746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.159.56 user=root Jun 29 13:25:59 h2779839 sshd[29746]: Failed password for root from 54.38.159.56 port 42148 ssh2 Jun 29 13:29:12 h2779839 sshd[29792]: Invalid user test from 54.38.159.56 port 41510 Jun 29 13:29:12 h2779839 sshd[29792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.159.56 Jun 29 13:29:12 h2779839 sshd[29792]: Invalid user test from 54.38.159.56 port 41510 Jun 29 13:29:14 h2779839 sshd[29792]: Failed password for invalid user test from 54.38.159.56 port 41510 ssh2 Jun 29 13:32:24 h2779839 sshd[29822]: Invalid user pentaho from 54.38.159.56 port 40876 Jun 29 13:32:24 h2779839 sshd[29822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.159.56 Jun 29 13:32:24 h2779839 sshd[29822]: Invalid user pentaho from 54.38.159.56 port 40876 Jun 29 13:32:26 h27 ...	2020-06-29 20:40:02
54.38.159.56	attackspam	2020-06-26T13:27:58+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-06-26 22:40:57
54.38.159.178	attackspam	Jun 24 12:01:48 scw-focused-cartwright sshd[2067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.159.178 Jun 24 12:01:50 scw-focused-cartwright sshd[2067]: Failed password for invalid user bimap from 54.38.159.178 port 45310 ssh2	2020-06-25 03:59:51
54.38.159.178	attack	2020-06-23T10:26:35.091834sd-86998 sshd[18684]: Invalid user redmine from 54.38.159.178 port 43648 2020-06-23T10:26:35.097738sd-86998 sshd[18684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-54-38-159.eu 2020-06-23T10:26:35.091834sd-86998 sshd[18684]: Invalid user redmine from 54.38.159.178 port 43648 2020-06-23T10:26:37.222596sd-86998 sshd[18684]: Failed password for invalid user redmine from 54.38.159.178 port 43648 ssh2 2020-06-23T10:35:23.771653sd-86998 sshd[19747]: Invalid user redmine from 54.38.159.178 port 45216 ...	2020-06-23 18:34:01
54.38.159.178	attack	2020-06-22T07:23:16.505130sd-86998 sshd[8945]: Invalid user abc123 from 54.38.159.178 port 38896 2020-06-22T07:23:16.510264sd-86998 sshd[8945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-54-38-159.eu 2020-06-22T07:23:16.505130sd-86998 sshd[8945]: Invalid user abc123 from 54.38.159.178 port 38896 2020-06-22T07:23:19.116850sd-86998 sshd[8945]: Failed password for invalid user abc123 from 54.38.159.178 port 38896 ssh2 2020-06-22T07:26:27.676154sd-86998 sshd[9373]: Invalid user 123456789 from 54.38.159.178 port 40454 ...	2020-06-22 15:33:02
54.38.159.178	attack	2020-06-21T09:00:50.601637sd-86998 sshd[38391]: Invalid user matthias from 54.38.159.178 port 40608 2020-06-21T09:00:50.608582sd-86998 sshd[38391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-54-38-159.eu 2020-06-21T09:00:50.601637sd-86998 sshd[38391]: Invalid user matthias from 54.38.159.178 port 40608 2020-06-21T09:00:52.649841sd-86998 sshd[38391]: Failed password for invalid user matthias from 54.38.159.178 port 40608 ssh2 2020-06-21T09:02:43.675621sd-86998 sshd[38658]: Invalid user matthias from 54.38.159.178 port 42174 ...	2020-06-21 15:55:09
54.38.159.178	attack	2020-06-20T18:24:58.130500sd-86998 sshd[26561]: Invalid user mandi from 54.38.159.178 port 59646 2020-06-20T18:24:58.135645sd-86998 sshd[26561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-54-38-159.eu 2020-06-20T18:24:58.130500sd-86998 sshd[26561]: Invalid user mandi from 54.38.159.178 port 59646 2020-06-20T18:25:00.369020sd-86998 sshd[26561]: Failed password for invalid user mandi from 54.38.159.178 port 59646 ssh2 2020-06-20T18:26:33.187901sd-86998 sshd[26842]: Invalid user mandi from 54.38.159.178 port 32978 ...	2020-06-21 00:37:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.38.159.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41111
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;54.38.159.141.			IN	A

;; AUTHORITY SECTION:
.			164	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022083000 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 30 20:55:47 CST 2022
;; MSG SIZE  rcvd: 106

Host info

141.159.38.54.in-addr.arpa domain name pointer 141.ip-54-38-159.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
141.159.38.54.in-addr.arpa	name = 141.ip-54-38-159.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.55.39.97	attackbotsspam	Automatic report - Banned IP Access	2019-11-19 03:28:54
123.206.46.177	attack	2019-11-18T13:18:03.3144501495-001 sshd\[30080\]: Invalid user taghvatalab from 123.206.46.177 port 47332 2019-11-18T13:18:03.3218801495-001 sshd\[30080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.46.177 2019-11-18T13:18:04.7497511495-001 sshd\[30080\]: Failed password for invalid user taghvatalab from 123.206.46.177 port 47332 ssh2 2019-11-18T13:43:39.3599591495-001 sshd\[31004\]: Invalid user jadyn from 123.206.46.177 port 47004 2019-11-18T13:43:39.3634031495-001 sshd\[31004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.46.177 2019-11-18T13:43:40.9913841495-001 sshd\[31004\]: Failed password for invalid user jadyn from 123.206.46.177 port 47004 ssh2 ...	2019-11-19 03:34:20
151.236.247.141	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/151.236.247.141/ MK - 1H : (2) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MK NAME ASN : ASN199128 IP : 151.236.247.141 CIDR : 151.236.247.0/24 PREFIX COUNT : 10 UNIQUE IP COUNT : 5376 ATTACKS DETECTED ASN199128 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 15:48:51 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-19 03:36:30
113.104.242.213	attack	Nov 18 19:54:05 root sshd[20985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.213 Nov 18 19:54:07 root sshd[20985]: Failed password for invalid user famine from 113.104.242.213 port 35880 ssh2 Nov 18 19:58:30 root sshd[21059]: Failed password for root from 113.104.242.213 port 35853 ssh2 ...	2019-11-19 03:52:50
206.72.194.47	attackbots	RDP Bruteforce	2019-11-19 03:58:02
142.93.214.20	attackspambots	Brute-force attempt banned	2019-11-19 03:35:00
124.156.50.89	attack	Fail2Ban Ban Triggered	2019-11-19 03:27:55
62.74.95.239	attackbots	Automatic report - Port Scan Attack	2019-11-19 03:55:13
157.245.111.175	attackbotsspam	SSH brute-force: detected 6 distinct usernames within a 24-hour window.	2019-11-19 04:01:53
181.224.184.67	attackspam	2019-11-18T19:05:34.334811abusebot-4.cloudsearch.cf sshd\[20025\]: Invalid user guest12345678 from 181.224.184.67 port 52731	2019-11-19 03:25:16
106.12.88.126	attack	Nov 18 20:10:57 MainVPS sshd[3697]: Invalid user andy from 106.12.88.126 port 53414 Nov 18 20:10:57 MainVPS sshd[3697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.88.126 Nov 18 20:10:57 MainVPS sshd[3697]: Invalid user andy from 106.12.88.126 port 53414 Nov 18 20:10:58 MainVPS sshd[3697]: Failed password for invalid user andy from 106.12.88.126 port 53414 ssh2 Nov 18 20:15:00 MainVPS sshd[10810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.88.126 user=root Nov 18 20:15:01 MainVPS sshd[10810]: Failed password for root from 106.12.88.126 port 60120 ssh2 ...	2019-11-19 03:26:40
190.247.158.127	attackspam	Web Probe / Attack	2019-11-19 03:48:25
116.214.56.11	attackbots	SSH brutforce	2019-11-19 03:51:09
139.199.48.217	attack	[ssh] SSH attack	2019-11-19 03:40:50
222.186.175.202	attackspambots	Nov 18 20:30:00 mail sshd[11070]: Failed password for root from 222.186.175.202 port 32072 ssh2 Nov 18 20:30:03 mail sshd[11070]: Failed password for root from 222.186.175.202 port 32072 ssh2 Nov 18 20:30:07 mail sshd[11070]: Failed password for root from 222.186.175.202 port 32072 ssh2 Nov 18 20:30:10 mail sshd[11070]: Failed password for root from 222.186.175.202 port 32072 ssh2	2019-11-19 03:48:08

Recently Reported IPs

1.2.170.249	181.214.173.233	103.133.254.3	116.170.69.81
106.55.117.223	103.16.24.89	103.16.24.213	3.27.31.239
154.26.132.230	104.166.161.236	235.99.144.75	13.33.88.112
43.128.104.42	105.63.153.200	188.166.64.6	197.41.122.128
93.38.114.242	79.12.158.9	104.149.175.152	176.234.223.175