54.38.92.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	(mod_security) mod_security (id:225170) triggered by 54.38.92.50 (FR/France/ns3127508.ip-54-38-92.eu): 5 in the last 3600 secs	2020-06-03 07:43:09

Comments on same subnet:

IP	Type	Details	Datetime
54.38.92.4	attackbots	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-08-21 17:00:16
54.38.92.35	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-14 02:53:56
54.38.92.35	attackspambots	Fail2Ban Ban Triggered	2020-08-13 04:04:33
54.38.92.35	attackspambots	firewall-block, port(s): 270/tcp	2020-08-05 18:10:48
54.38.92.35	attackbotsspam	TCP (SYN) 54.38.92.35:60000 -> port 130, len 44	2020-07-21 23:50:52
54.38.92.35	attackspambots	Jul 13 17:21:53 debian-2gb-nbg1-2 kernel: \[16912287.195278\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=54.38.92.35 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=34297 PROTO=TCP SPT=60000 DPT=7033 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-14 01:26:03
54.38.92.35	attackbots	Port scan: Attack repeated for 24 hours	2020-07-02 08:37:53
54.38.92.35	attack	firewall-block, port(s): 7002/tcp	2020-06-12 02:41:27
54.38.92.35	attackspambots	Port scan(s) denied	2020-04-20 18:52:30
54.38.92.35	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 37 - port: 5000 proto: TCP cat: Misc Attack	2020-04-18 04:35:42
54.38.92.35	attack	2019-12-17T06:32:14.984Z CLOSE host=54.38.92.35 port=60000 fd=4 time=40.041 bytes=33 ...	2020-03-13 02:59:38
54.38.92.35	attack	Mar 10 09:37:06 nginx sshd[19285]: Connection from 54.38.92.35 port 60000 on 10.23.102.80 port 22 Mar 10 09:37:06 nginx sshd[19285]: Did not receive identification string from 54.38.92.35	2020-03-10 16:52:39
54.38.92.35	attackspam	Trying ports that it shouldn't be.	2020-03-10 07:25:06
54.38.92.35	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 38 - port: 44444 proto: TCP cat: Misc Attack	2020-02-25 13:34:01
54.38.92.35	attackbots	Unauthorized connection attempt detected from IP address 54.38.92.35 to port 22 [J]	2020-02-04 01:46:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.38.92.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53956
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.38.92.50.			IN	A

;; AUTHORITY SECTION:
.			483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060202 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 03 07:43:06 CST 2020
;; MSG SIZE  rcvd: 115

Host info

50.92.38.54.in-addr.arpa domain name pointer ns3127508.ip-54-38-92.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
50.92.38.54.in-addr.arpa	name = ns3127508.ip-54-38-92.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.252.83.82	attack	Unauthorized connection attempt from IP address 190.252.83.82 on Port 445(SMB)	2020-10-13 02:43:57
120.53.10.17	attackbots	Invalid user tanabe from 120.53.10.17 port 45596	2020-10-13 02:53:04
112.85.42.174	attackspam	Oct 12 20:43:08 srv-ubuntu-dev3 sshd[9652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Oct 12 20:43:10 srv-ubuntu-dev3 sshd[9652]: Failed password for root from 112.85.42.174 port 5405 ssh2 Oct 12 20:43:13 srv-ubuntu-dev3 sshd[9652]: Failed password for root from 112.85.42.174 port 5405 ssh2 Oct 12 20:43:08 srv-ubuntu-dev3 sshd[9652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Oct 12 20:43:10 srv-ubuntu-dev3 sshd[9652]: Failed password for root from 112.85.42.174 port 5405 ssh2 Oct 12 20:43:13 srv-ubuntu-dev3 sshd[9652]: Failed password for root from 112.85.42.174 port 5405 ssh2 Oct 12 20:43:08 srv-ubuntu-dev3 sshd[9652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Oct 12 20:43:10 srv-ubuntu-dev3 sshd[9652]: Failed password for root from 112.85.42.174 port 5405 ssh2 Oct 12 20:43:1 ...	2020-10-13 02:53:28
162.243.128.189	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-13 02:32:26
110.182.76.159	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-13 02:45:14
74.208.29.91	attack	(sshd) Failed SSH login from 74.208.29.91 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 16:41:35 optimus sshd[4121]: Invalid user diamond from 74.208.29.91 Oct 11 16:41:35 optimus sshd[4121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.208.29.91 Oct 11 16:41:38 optimus sshd[4121]: Failed password for invalid user diamond from 74.208.29.91 port 60860 ssh2 Oct 11 16:45:07 optimus sshd[6023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.208.29.91 user=root Oct 11 16:45:10 optimus sshd[6023]: Failed password for root from 74.208.29.91 port 39378 ssh2	2020-10-13 02:45:40
187.212.199.107	attackbotsspam	Oct 12 18:51:29 gitlab sshd[663301]: Failed password for invalid user marit from 187.212.199.107 port 20478 ssh2 Oct 12 18:54:37 gitlab sshd[663804]: Invalid user takashi from 187.212.199.107 port 18679 Oct 12 18:54:37 gitlab sshd[663804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.212.199.107 Oct 12 18:54:37 gitlab sshd[663804]: Invalid user takashi from 187.212.199.107 port 18679 Oct 12 18:54:39 gitlab sshd[663804]: Failed password for invalid user takashi from 187.212.199.107 port 18679 ssh2 ...	2020-10-13 02:55:06
180.215.64.98	attackspam	Attempts to probe web pages for vulnerable PHP or other applications	2020-10-13 02:50:12
129.213.40.181	attackbots	Oct 12 20:36:47 host1 sshd[7034]: Failed password for root from 129.213.40.181 port 49106 ssh2 Oct 12 20:41:55 host1 sshd[8711]: Invalid user divya from 129.213.40.181 port 54778 Oct 12 20:41:55 host1 sshd[8711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.40.181 Oct 12 20:41:55 host1 sshd[8711]: Invalid user divya from 129.213.40.181 port 54778 Oct 12 20:41:57 host1 sshd[8711]: Failed password for invalid user divya from 129.213.40.181 port 54778 ssh2 ...	2020-10-13 02:52:42
167.172.164.37	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-10-13 02:34:54
92.81.222.217	attackspambots	Oct 12 13:33:29 mavik sshd[30841]: Failed password for invalid user peotr from 92.81.222.217 port 54412 ssh2 Oct 12 13:36:43 mavik sshd[31052]: Invalid user ogura from 92.81.222.217 Oct 12 13:36:43 mavik sshd[31052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.81.222.217 Oct 12 13:36:45 mavik sshd[31052]: Failed password for invalid user ogura from 92.81.222.217 port 37230 ssh2 Oct 12 13:40:01 mavik sshd[31334]: Invalid user bittante from 92.81.222.217 ...	2020-10-13 02:55:54
220.186.184.60	attackspam	Automatic report - Banned IP Access	2020-10-13 03:00:27
41.182.123.79	attack	Invalid user mustang from 41.182.123.79 port 48022	2020-10-13 02:54:29
37.139.17.137	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-13 02:38:37
195.23.112.249	attackspambots	Unauthorized connection attempt from IP address 195.23.112.249 on Port 445(SMB)	2020-10-13 02:35:52

Recently Reported IPs

191.79.170.167	58.32.9.190	85.99.157.202	161.130.46.79
86.195.191.236	95.109.88.253	166.142.137.227	2.181.1.224
188.70.127.212	3.12.167.8	211.135.211.33	185.147.45.150
59.127.53.6	34.248.238.130	51.195.136.190	165.147.244.231
109.16.59.222	177.75.94.237	126.82.152.127	63.106.138.26