54.39.148.232 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: OVH Hosting Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Oct 3 11:01:40 dallas01 sshd[969]: error: maximum authentication attempts exceeded for root from 54.39.148.232 port 48766 ssh2 [preauth]	2019-10-09 00:45:59
attack	Automatic report - Banned IP Access	2019-10-04 12:47:07
attack	2019-10-02T07:54:06.674705abusebot.cloudsearch.cf sshd\[13733\]: Invalid user ranjit from 54.39.148.232 port 51538	2019-10-02 17:54:33
attack	Sep 29 14:09:45 rotator sshd\[20867\]: Failed password for root from 54.39.148.232 port 55182 ssh2Sep 29 14:09:48 rotator sshd\[20867\]: Failed password for root from 54.39.148.232 port 55182 ssh2Sep 29 14:09:51 rotator sshd\[20867\]: Failed password for root from 54.39.148.232 port 55182 ssh2Sep 29 14:09:54 rotator sshd\[20867\]: Failed password for root from 54.39.148.232 port 55182 ssh2Sep 29 14:09:57 rotator sshd\[20867\]: Failed password for root from 54.39.148.232 port 55182 ssh2Sep 29 14:09:59 rotator sshd\[20867\]: Failed password for root from 54.39.148.232 port 55182 ssh2 ...	2019-09-29 20:18:06
attack	Automatic report - Banned IP Access	2019-09-22 09:05:03
attack	lust-auf-land.com 54.39.148.232 \[13/Sep/2019:04:16:49 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 509 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.lust-auf-land.com 54.39.148.232 \[13/Sep/2019:04:16:51 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-09-13 12:02:12
attackbotsspam	Sep 4 13:24:31 vpn01 sshd\[25614\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.232 user=root Sep 4 13:24:33 vpn01 sshd\[25614\]: Failed password for root from 54.39.148.232 port 57348 ssh2 Sep 4 13:24:49 vpn01 sshd\[25614\]: Failed password for root from 54.39.148.232 port 57348 ssh2	2019-09-04 19:31:00
attackspambots	Aug 31 13:58:12 rotator sshd\[15627\]: Failed password for root from 54.39.148.232 port 53394 ssh2Aug 31 13:58:16 rotator sshd\[15627\]: Failed password for root from 54.39.148.232 port 53394 ssh2Aug 31 13:58:19 rotator sshd\[15627\]: Failed password for root from 54.39.148.232 port 53394 ssh2Aug 31 13:58:22 rotator sshd\[15627\]: Failed password for root from 54.39.148.232 port 53394 ssh2Aug 31 13:58:24 rotator sshd\[15627\]: Failed password for root from 54.39.148.232 port 53394 ssh2Aug 31 13:58:28 rotator sshd\[15627\]: Failed password for root from 54.39.148.232 port 53394 ssh2 ...	2019-08-31 23:35:13
attack	Aug 26 09:16:28 ast sshd[29607]: Invalid user admin from 54.39.148.232 port 58708 Aug 26 10:11:32 ast sshd[30595]: Invalid user ubnt from 54.39.148.232 port 46198 Aug 26 19:44:19 ast sshd[394]: error: PAM: Authentication failure for sshd from 54.39.148.232 ...	2019-08-27 07:56:32
attack	Aug 26 17:03:19 nextcloud sshd\[20380\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.232 user=sshd Aug 26 17:03:21 nextcloud sshd\[20380\]: Failed password for sshd from 54.39.148.232 port 49664 ssh2 Aug 26 17:03:24 nextcloud sshd\[20380\]: Failed password for sshd from 54.39.148.232 port 49664 ssh2 ...	2019-08-26 23:15:19
attackspambots	Automatic report - Banned IP Access	2019-07-14 12:38:18
attackbots	Triggered by Fail2Ban at Vostok web server	2019-07-13 03:15:19
attack	Unauthorized SSH login attempts	2019-07-07 11:04:37

Comments on same subnet:

IP	Type	Details	Datetime
54.39.148.233	attackbotsspam	Oct 7 21:51:37 km20725 sshd\[29239\]: Invalid user abba from 54.39.148.233Oct 7 21:51:39 km20725 sshd\[29239\]: Failed password for invalid user abba from 54.39.148.233 port 48578 ssh2Oct 7 21:51:42 km20725 sshd\[29239\]: Failed password for invalid user abba from 54.39.148.233 port 48578 ssh2Oct 7 21:51:44 km20725 sshd\[29239\]: Failed password for invalid user abba from 54.39.148.233 port 48578 ssh2 ...	2019-10-08 05:28:04
54.39.148.233	attackbotsspam	Oct 7 03:52:08 thevastnessof sshd[5268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.233 ...	2019-10-07 13:53:59
54.39.148.234	attackbots	Oct 6 15:16:37 vpn01 sshd[22500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.234 Oct 6 15:16:39 vpn01 sshd[22500]: Failed password for invalid user carapp from 54.39.148.234 port 42264 ssh2 ...	2019-10-07 02:18:33
54.39.148.234	attack	xmlrpc attack	2019-10-02 02:51:44
54.39.148.233	attackspam	Sep 26 10:24:42 thevastnessof sshd[2973]: Failed password for root from 54.39.148.233 port 58892 ssh2 ...	2019-09-26 20:00:52
54.39.148.233	attackspam	Invalid user zte from 54.39.148.233 port 57950	2019-09-13 11:34:15
54.39.148.233	attackspam	Sep 5 13:28:15 thevastnessof sshd[26872]: Failed password for root from 54.39.148.233 port 42850 ssh2 ...	2019-09-06 01:35:50
54.39.148.234	attackspam	$f2bV_matches_ltvn	2019-09-04 03:00:08
54.39.148.234	attackbotsspam	Sep 1 07:13:04 rotator sshd\[30533\]: Failed password for root from 54.39.148.234 port 46320 ssh2Sep 1 07:13:07 rotator sshd\[30533\]: Failed password for root from 54.39.148.234 port 46320 ssh2Sep 1 07:13:09 rotator sshd\[30533\]: Failed password for root from 54.39.148.234 port 46320 ssh2Sep 1 07:13:12 rotator sshd\[30533\]: Failed password for root from 54.39.148.234 port 46320 ssh2Sep 1 07:13:15 rotator sshd\[30533\]: Failed password for root from 54.39.148.234 port 46320 ssh2Sep 1 07:13:19 rotator sshd\[30533\]: Failed password for root from 54.39.148.234 port 46320 ssh2 ...	2019-09-01 13:28:01
54.39.148.234	attackspam	Aug 30 07:19:33 minden010 sshd[12420]: Failed password for root from 54.39.148.234 port 44534 ssh2 Aug 30 07:19:44 minden010 sshd[12420]: Failed password for root from 54.39.148.234 port 44534 ssh2 Aug 30 07:19:47 minden010 sshd[12420]: Failed password for root from 54.39.148.234 port 44534 ssh2 Aug 30 07:19:47 minden010 sshd[12420]: error: maximum authentication attempts exceeded for root from 54.39.148.234 port 44534 ssh2 [preauth] ...	2019-08-30 13:23:18
54.39.148.233	attackbots	Aug 29 11:43:43 webhost01 sshd[23711]: Failed password for root from 54.39.148.233 port 52574 ssh2 Aug 29 11:43:57 webhost01 sshd[23711]: error: maximum authentication attempts exceeded for root from 54.39.148.233 port 52574 ssh2 [preauth] ...	2019-08-29 16:28:29
54.39.148.234	attackspambots	Aug 27 13:08:31 hosting sshd[31186]: Invalid user user from 54.39.148.234 port 43174 Aug 27 13:08:31 hosting sshd[31186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=234.ip-54-39-148.net Aug 27 13:08:31 hosting sshd[31186]: Invalid user user from 54.39.148.234 port 43174 Aug 27 13:08:33 hosting sshd[31186]: Failed password for invalid user user from 54.39.148.234 port 43174 ssh2 ...	2019-08-27 18:30:08
54.39.148.234	attackbotsspam	Aug 16 07:24:16 vtv3 sshd\[2017\]: Invalid user support from 54.39.148.234 port 35738 Aug 16 07:24:16 vtv3 sshd\[2017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.234 Aug 16 07:24:18 vtv3 sshd\[2017\]: Failed password for invalid user support from 54.39.148.234 port 35738 ssh2 Aug 16 07:24:27 vtv3 sshd\[2084\]: Invalid user tech from 54.39.148.234 port 37492 Aug 16 07:24:27 vtv3 sshd\[2084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.234 Aug 17 04:58:28 vtv3 sshd\[19720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.234 user=root Aug 17 04:58:30 vtv3 sshd\[19720\]: Failed password for root from 54.39.148.234 port 42766 ssh2 Aug 17 04:58:34 vtv3 sshd\[19720\]: Failed password for root from 54.39.148.234 port 42766 ssh2 Aug 17 04:58:36 vtv3 sshd\[19720\]: Failed password for root from 54.39.148.234 port 42766 ssh2 Aug 17 04:58:40 vtv3 ssh	2019-08-27 16:06:34
54.39.148.233	attackspam	Automatic report - Banned IP Access	2019-08-24 04:07:37
54.39.148.233	attackbots	Aug 03 20:00:45 askasleikir sshd[28135]: Failed password for invalid user NetLinx from 54.39.148.233 port 53018 ssh2 Aug 03 20:00:38 askasleikir sshd[28132]: Failed password for invalid user administrator from 54.39.148.233 port 52496 ssh2	2019-08-04 15:10:37

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.39.148.232
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12107
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.39.148.232.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052802 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 29 12:54:17 CST 2019
;; MSG SIZE  rcvd: 117

Host info

232.148.39.54.in-addr.arpa domain name pointer 232.ip-54-39-148.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
232.148.39.54.in-addr.arpa	name = 232.ip-54-39-148.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
90.79.154.39	attack	Dec 22 07:24:05 Ubuntu-1404-trusty-64-minimal sshd\[10004\]: Invalid user pi from 90.79.154.39 Dec 22 07:24:05 Ubuntu-1404-trusty-64-minimal sshd\[10006\]: Invalid user pi from 90.79.154.39 Dec 22 07:24:05 Ubuntu-1404-trusty-64-minimal sshd\[10004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.79.154.39 Dec 22 07:24:05 Ubuntu-1404-trusty-64-minimal sshd\[10006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.79.154.39 Dec 22 07:24:07 Ubuntu-1404-trusty-64-minimal sshd\[10004\]: Failed password for invalid user pi from 90.79.154.39 port 54168 ssh2	2019-12-22 20:40:35
130.61.89.191	attack	Dec 22 07:24:11 sxvn sshd[181483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.89.191	2019-12-22 20:34:22
111.9.116.190	attackspam	Dec 22 12:49:23 * sshd[28733]: Failed password for root from 111.9.116.190 port 53290 ssh2	2019-12-22 20:06:09
117.95.83.121	attack	Scanning	2019-12-22 20:25:37
107.6.91.26	attackspambots	"GET //admin/config.php?password%5B0%5D=ZIZO&username=admin HTTP/1.1" 404 3667 "-" "python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-862.11.6.el7.x86_64"	2019-12-22 20:27:23
211.159.158.29	attackbotsspam	Dec 22 00:31:47 php1 sshd\[14765\]: Invalid user guest from 211.159.158.29 Dec 22 00:31:47 php1 sshd\[14765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.158.29 Dec 22 00:31:50 php1 sshd\[14765\]: Failed password for invalid user guest from 211.159.158.29 port 54816 ssh2 Dec 22 00:37:48 php1 sshd\[15714\]: Invalid user operator from 211.159.158.29 Dec 22 00:37:48 php1 sshd\[15714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.158.29	2019-12-22 20:03:49
82.64.15.106	attackbotsspam	$f2bV_matches	2019-12-22 20:18:05
109.237.214.176	attackbots	Multiple failed FTP logins	2019-12-22 20:35:46
217.182.78.87	attack	Dec 22 13:40:00 cvbnet sshd[9410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.78.87 Dec 22 13:40:02 cvbnet sshd[9410]: Failed password for invalid user service from 217.182.78.87 port 42350 ssh2 ...	2019-12-22 20:44:47
207.154.243.255	attackbotsspam	Dec 22 13:14:03 h2177944 sshd\[8628\]: Invalid user trapper from 207.154.243.255 port 55866 Dec 22 13:14:03 h2177944 sshd\[8628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 Dec 22 13:14:05 h2177944 sshd\[8628\]: Failed password for invalid user trapper from 207.154.243.255 port 55866 ssh2 Dec 22 13:26:44 h2177944 sshd\[9030\]: Invalid user ordway from 207.154.243.255 port 52866 Dec 22 13:26:44 h2177944 sshd\[9030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 ...	2019-12-22 20:36:58
115.84.87.176	attack	1576995846 - 12/22/2019 07:24:06 Host: 115.84.87.176/115.84.87.176 Port: 445 TCP Blocked	2019-12-22 20:44:20
207.154.229.50	attackbots	Dec 22 08:17:07 unicornsoft sshd\[12352\]: User root from 207.154.229.50 not allowed because not listed in AllowUsers Dec 22 08:17:07 unicornsoft sshd\[12352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.229.50 user=root Dec 22 08:17:09 unicornsoft sshd\[12352\]: Failed password for invalid user root from 207.154.229.50 port 57730 ssh2	2019-12-22 20:34:56
183.16.102.30	attackbots	Unauthorized connection attempt detected from IP address 183.16.102.30 to port 4899	2019-12-22 20:07:14
159.203.201.67	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-12-22 20:05:40
121.128.200.146	attackbots	$f2bV_matches	2019-12-22 20:34:39

Recently Reported IPs

98.242.232.130	177.45.139.208	150.9.138.119	236.157.180.125
203.7.12.166	67.254.10.47	252.109.227.193	152.215.41.233
140.174.67.111	207.214.142.8	176.31.183.89	118.169.43.185
81.30.102.124	80.24.74.229	185.19.6.124	90.213.136.79
71.162.139.187	119.160.80.79	178.150.163.36	201.144.236.22