54.39.13.21 - IPInfo

Basic Info

City: Montreal

Region: Quebec

Country: Canada

Internet Service Provider: OVH Hosting Inc.

Hostname: unknown

Organization: OVH SAS

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	fake company sending phishes from bpk8th@rp.smtp.emailpostal.com with a reply to of sales@prmtr.xyz	2019-07-04 05:56:16

Comments on same subnet:

IP	Type	Details	Datetime
54.39.130.22	normal	Servidor de Minecraft: Galaxy Craft hugvitortavares@gmail.com hugvitorgamer@gmail.com hugcontas@gmail.com brgalaxy123@gmail.com	2021-05-12 03:32:45
54.39.133.91	attack	18648/tcp 6838/tcp 23330/tcp... [2020-07-12/09-12]133pkt,51pt.(tcp)	2020-09-13 01:05:55
54.39.133.91	attack	Sep 12 09:54:57 root sshd[15470]: Failed password for root from 54.39.133.91 port 44162 ssh2 Sep 12 10:01:47 root sshd[21532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 ...	2020-09-12 17:03:54
54.39.138.246	attackbots	Port Scan detected from 54.39.138.246 (CA/Canada/Alberta/St. Albert/ip246.ip-54-39-138.net). 4 hits in the last 105 seconds	2020-09-10 23:04:16
54.39.138.246	attack	Port Scan detected from 54.39.138.246 (CA/Canada/Alberta/St. Albert/ip246.ip-54-39-138.net). 4 hits in the last 105 seconds	2020-09-10 14:36:07
54.39.138.246	attack	Port Scan detected from 54.39.138.246 (CA/Canada/Alberta/St. Albert/ip246.ip-54-39-138.net). 4 hits in the last 105 seconds	2020-09-10 05:16:34
54.39.133.91	attackbotsspam	TCP (SYN) 54.39.133.91:46758 -> port 16625, len 44	2020-09-05 22:58:01
54.39.138.246	attackbots	detected by Fail2Ban	2020-09-05 21:44:06
54.39.133.91	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 38 - port: 16625 proto: tcp cat: Misc Attackbytes: 60	2020-09-05 14:33:25
54.39.138.246	attackbots	$f2bV_matches	2020-09-05 13:20:35
54.39.133.91	attack	2020-09-05T02:59:58.124541paragon sshd[134037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 2020-09-05T02:59:58.120819paragon sshd[134037]: Invalid user vitor from 54.39.133.91 port 54350 2020-09-05T02:59:59.977600paragon sshd[134037]: Failed password for invalid user vitor from 54.39.133.91 port 54350 ssh2 2020-09-05T03:02:14.344829paragon sshd[134076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 user=root 2020-09-05T03:02:16.537739paragon sshd[134076]: Failed password for root from 54.39.133.91 port 39312 ssh2 ...	2020-09-05 07:13:33
54.39.138.246	attackspambots	Time: Sun Aug 30 14:26:31 2020 +0000 IP: 54.39.138.246 (CA/Canada/ip246.ip-54-39-138.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 30 14:20:22 vps1 sshd[17898]: Invalid user ui from 54.39.138.246 port 46132 Aug 30 14:20:25 vps1 sshd[17898]: Failed password for invalid user ui from 54.39.138.246 port 46132 ssh2 Aug 30 14:23:28 vps1 sshd[17964]: Invalid user airadmin from 54.39.138.246 port 41270 Aug 30 14:23:30 vps1 sshd[17964]: Failed password for invalid user airadmin from 54.39.138.246 port 41270 ssh2 Aug 30 14:26:29 vps1 sshd[18034]: Invalid user wacos from 54.39.138.246 port 36410	2020-08-31 03:57:04
54.39.138.251	attack	Aug 28 00:01:36 abendstille sshd\[22958\]: Invalid user cc from 54.39.138.251 Aug 28 00:01:36 abendstille sshd\[22958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 Aug 28 00:01:38 abendstille sshd\[22958\]: Failed password for invalid user cc from 54.39.138.251 port 57248 ssh2 Aug 28 00:05:29 abendstille sshd\[26952\]: Invalid user gmodserver from 54.39.138.251 Aug 28 00:05:29 abendstille sshd\[26952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 ...	2020-08-28 06:09:07
54.39.133.91	attackbotsspam	Time: Tue Aug 25 20:05:12 2020 +0000 IP: 54.39.133.91 (CA/Canada/ns565253.ip-54-39-133.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 25 19:56:45 hosting sshd[21348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 user=root Aug 25 19:56:46 hosting sshd[21348]: Failed password for root from 54.39.133.91 port 40114 ssh2 Aug 25 20:01:45 hosting sshd[21758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 user=ftp Aug 25 20:01:47 hosting sshd[21758]: Failed password for ftp from 54.39.133.91 port 37064 ssh2 Aug 25 20:05:09 hosting sshd[21987]: Invalid user hydro from 54.39.133.91 port 45540	2020-08-26 04:59:05
54.39.133.91	attackspam	Aug 23 23:31:42 lukav-desktop sshd\[18847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 user=root Aug 23 23:31:44 lukav-desktop sshd\[18847\]: Failed password for root from 54.39.133.91 port 53520 ssh2 Aug 23 23:35:06 lukav-desktop sshd\[18862\]: Invalid user ftpuser from 54.39.133.91 Aug 23 23:35:06 lukav-desktop sshd\[18862\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 Aug 23 23:35:08 lukav-desktop sshd\[18862\]: Failed password for invalid user ftpuser from 54.39.133.91 port 32786 ssh2	2020-08-24 05:02:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.39.13.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26775
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.39.13.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070302 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 04 05:56:11 CST 2019
;; MSG SIZE  rcvd: 115

Host info

21.13.39.54.in-addr.arpa domain name pointer mail2.square.property.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
21.13.39.54.in-addr.arpa	name = mail2.square.property.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.161.13.137	attack	Unauthorized connection attempt from IP address 193.161.13.137 on Port 445(SMB)	2020-09-01 01:41:12
217.182.140.117	attack	GET /wp-login.php HTTP/1.1	2020-09-01 01:44:06
138.97.23.190	attackspam	2020-08-31 18:00:48,963 fail2ban.actions: WARNING [ssh] Ban 138.97.23.190	2020-09-01 01:42:36
149.202.160.188	attackspam	2020-08-31T15:46:27.042317lavrinenko.info sshd[12036]: Invalid user zt from 149.202.160.188 port 39937 2020-08-31T15:46:27.050700lavrinenko.info sshd[12036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.160.188 2020-08-31T15:46:27.042317lavrinenko.info sshd[12036]: Invalid user zt from 149.202.160.188 port 39937 2020-08-31T15:46:28.532104lavrinenko.info sshd[12036]: Failed password for invalid user zt from 149.202.160.188 port 39937 ssh2 2020-08-31T15:50:06.819539lavrinenko.info sshd[20933]: Invalid user nfe from 149.202.160.188 port 42818 ...	2020-09-01 01:40:24
36.92.211.191	attack	Unauthorized connection attempt from IP address 36.92.211.191 on Port 445(SMB)	2020-09-01 01:46:25
51.68.230.181	attack	$f2bV_matches	2020-09-01 01:55:27
156.96.62.68	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-01 01:21:24
14.21.36.84	attack	$f2bV_matches	2020-09-01 01:37:37
5.134.48.72	attackspam	Unauthorized connection attempt from IP address 5.134.48.72 on Port 445(SMB)	2020-09-01 01:58:07
43.240.102.18	attackbotsspam	Unauthorized connection attempt from IP address 43.240.102.18 on Port 445(SMB)	2020-09-01 01:36:40
190.144.88.98	attackbots	Unauthorized connection attempt from IP address 190.144.88.98 on Port 445(SMB)	2020-09-01 01:39:57
171.243.44.168	attackbots	Icarus honeypot on github	2020-09-01 01:49:53
193.153.87.202	attack	Unauthorized connection attempt from IP address 193.153.87.202 on Port 445(SMB)	2020-09-01 01:30:45
83.34.204.144	attackbotsspam	Unauthorized connection attempt from IP address 83.34.204.144 on Port 445(SMB)	2020-09-01 01:17:39
106.75.67.6	attackbotsspam	Aug 31 17:07:24 ns381471 sshd[1988]: Failed password for root from 106.75.67.6 port 42872 ssh2	2020-09-01 01:30:11

Recently Reported IPs

188.0.169.153	203.239.25.218	37.180.144.114	178.47.68.221
5.208.191.138	206.196.242.210	97.90.110.160	150.240.43.109
140.2.69.247	180.252.142.127	106.63.47.175	61.122.68.44
103.69.77.6	83.132.227.37	43.231.128.193	155.68.161.221
79.118.243.142	5.9.13.171	200.100.107.9	149.148.189.233