City: unknown
Region: unknown
Country: Canada
Internet Service Provider: OVH Hosting Inc.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Jan 10 21:11:33 thevastnessof sshd[21357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.21.54 ... |
2020-01-11 05:32:46 |
| attackbotsspam | Jan 10 19:23:19 root sshd[16392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.21.54 Jan 10 19:23:22 root sshd[16392]: Failed password for invalid user support from 54.39.21.54 port 55286 ssh2 Jan 10 19:25:08 root sshd[16408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.21.54 ... |
2020-01-11 02:26:00 |
| attackbotsspam | Jan 7 20:22:03 klukluk sshd\[14863\]: Invalid user support from 54.39.21.54 Jan 7 20:24:01 klukluk sshd\[15947\]: Invalid user ubnt from 54.39.21.54 Jan 7 20:26:19 klukluk sshd\[17759\]: Invalid user postgres from 54.39.21.54 ... |
2020-01-08 03:54:52 |
| attack | Jan 4 12:18:01 [HOSTNAME] sshd[22511]: Invalid user support from 54.39.21.54 port 45736 Jan 4 12:19:52 [HOSTNAME] sshd[22534]: Invalid user ubnt from 54.39.21.54 port 37508 Jan 4 12:21:53 [HOSTNAME] sshd[22537]: Invalid user postgres from 54.39.21.54 port 57510 ... |
2020-01-04 19:24:48 |
| attack | Invalid user postgres from 54.39.21.54 port 47564 |
2019-12-20 18:00:35 |
| attack | Triggered by Fail2Ban at Vostok web server |
2019-12-20 06:14:34 |
| attackspambots | Dec 4 12:54:25 server sshd\[23789\]: Invalid user postgres from 54.39.21.54 Dec 4 12:54:25 server sshd\[23789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.ip-54-39-21.net Dec 4 12:54:28 server sshd\[23789\]: Failed password for invalid user postgres from 54.39.21.54 port 56270 ssh2 Dec 4 20:00:21 server sshd\[11606\]: Invalid user www-data from 54.39.21.54 Dec 4 20:00:21 server sshd\[11606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.ip-54-39-21.net ... |
2019-12-05 01:44:08 |
| attack | Dec 3 01:36:32 sauna sshd[210886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.21.54 Dec 3 01:36:34 sauna sshd[210886]: Failed password for invalid user ftp_test from 54.39.21.54 port 54112 ssh2 ... |
2019-12-03 08:11:13 |
| attackspam | Nov 25 12:04:27 XXX sshd[5641]: Invalid user informix from 54.39.21.54 port 38444 |
2019-11-26 08:06:12 |
| attackbotsspam | Invalid user zabbix from 54.39.21.54 port 46054 |
2019-11-25 07:39:56 |
| attack | Nov 23 13:18:42 vpn01 sshd[27595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.21.54 Nov 23 13:18:44 vpn01 sshd[27595]: Failed password for invalid user postgres from 54.39.21.54 port 44766 ssh2 ... |
2019-11-23 20:37:18 |
| attackspam | $f2bV_matches |
2019-11-16 09:08:49 |
| attackbotsspam | Nov 12 17:19:52 *** sshd[25082]: Invalid user nagios from 54.39.21.54 |
2019-11-13 02:41:35 |
| attackspam | "Fail2Ban detected SSH brute force attempt" |
2019-11-07 16:01:39 |
| attackspam | 2019-11-07T00:51:44.635837abusebot-3.cloudsearch.cf sshd\[3434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.ip-54-39-21.net user=ftp |
2019-11-07 09:05:23 |
| attackbotsspam | Nov 5 15:34:27 unicornsoft sshd\[18541\]: Invalid user applmgr from 54.39.21.54 Nov 5 15:34:27 unicornsoft sshd\[18541\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.21.54 Nov 5 15:34:30 unicornsoft sshd\[18541\]: Failed password for invalid user applmgr from 54.39.21.54 port 47836 ssh2 |
2019-11-06 00:19:44 |
| attackspambots | Oct 24 19:13:55 server sshd\[12032\]: Invalid user ethos from 54.39.21.54 Oct 24 19:13:55 server sshd\[12032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.ip-54-39-21.net Oct 24 19:13:57 server sshd\[12032\]: Failed password for invalid user ethos from 54.39.21.54 port 55878 ssh2 Oct 24 20:30:24 server sshd\[1248\]: Invalid user ubuntu from 54.39.21.54 Oct 24 20:30:24 server sshd\[1248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.ip-54-39-21.net ... |
2019-10-25 01:33:40 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 54.39.213.56 | attack | Trying to bypass user accounts on secured servers |
2022-03-08 16:46:57 |
| 54.39.213.56 | attack | Trying to bypass user accounts on secured servers |
2022-03-08 09:06:47 |
| 54.39.211.56 | attackbotsspam | Lines containing failures of 54.39.211.56 Oct 3 22:26:48 v2hgb postfix/smtpd[26045]: connect from a.binkleyapples.com[54.39.211.56] Oct 3 22:26:48 v2hgb postfix/smtpd[26045]: Anonymous TLS connection established from a.binkleyapples.com[54.39.211.56]: TLSv1 whostnameh cipher ECDHE-RSA-AES256-SHA (256/256 bhostnames) Oct x@x Oct 3 22:26:49 v2hgb postfix/smtpd[26045]: disconnect from a.binkleyapples.com[54.39.211.56] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.39.211.56 |
2020-10-05 04:35:26 |
| 54.39.211.56 | attack | Lines containing failures of 54.39.211.56 Oct 3 22:26:48 v2hgb postfix/smtpd[26045]: connect from a.binkleyapples.com[54.39.211.56] Oct 3 22:26:48 v2hgb postfix/smtpd[26045]: Anonymous TLS connection established from a.binkleyapples.com[54.39.211.56]: TLSv1 whostnameh cipher ECDHE-RSA-AES256-SHA (256/256 bhostnames) Oct x@x Oct 3 22:26:49 v2hgb postfix/smtpd[26045]: disconnect from a.binkleyapples.com[54.39.211.56] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.39.211.56 |
2020-10-04 20:29:38 |
| 54.39.211.56 | attackspambots | Lines containing failures of 54.39.211.56 Oct 3 22:26:48 v2hgb postfix/smtpd[26045]: connect from a.binkleyapples.com[54.39.211.56] Oct 3 22:26:48 v2hgb postfix/smtpd[26045]: Anonymous TLS connection established from a.binkleyapples.com[54.39.211.56]: TLSv1 whostnameh cipher ECDHE-RSA-AES256-SHA (256/256 bhostnames) Oct x@x Oct 3 22:26:49 v2hgb postfix/smtpd[26045]: disconnect from a.binkleyapples.com[54.39.211.56] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.39.211.56 |
2020-10-04 12:12:24 |
| 54.39.215.38 | attackbots | 27-Sep-2020 14:43:30.765 client @0x7f352c0a25f0 54.39.215.38#58427 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied |
2020-09-28 04:12:53 |
| 54.39.215.38 | attackspam | UDP ports : 389 / 10001 |
2020-09-27 20:30:00 |
| 54.39.215.38 | attackbots |
|
2020-09-27 12:05:39 |
| 54.39.215.18 | attackspambots | $f2bV_matches |
2020-09-22 20:08:30 |
| 54.39.215.18 | attackspambots | 20 attempts against mh-ssh on creek |
2020-09-22 04:16:38 |
| 54.39.215.32 | attackbotsspam |
|
2020-09-12 03:21:22 |
| 54.39.215.32 | attackspam | UDP ports : 17 / 389 / 5093 / 5353 |
2020-09-11 19:23:25 |
| 54.39.215.32 | attack | 1597294297 - 08/13/2020 11:51:37 Host: ip32.ip-54-39-215.net/54.39.215.32 Port: 17 UDP Blocked ... |
2020-08-13 13:37:57 |
| 54.39.215.32 | attackspambots | *Port Scan* detected from 54.39.215.32 (CA/Canada/Ontario/Ottawa (Kanata)/ip32.ip-54-39-215.net). 4 hits in the last 35 seconds |
2020-08-13 09:40:58 |
| 54.39.215.32 | attackbots |
|
2020-07-26 03:48:04 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.39.21.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58072
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.39.21.54. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019102401 1800 900 604800 86400
;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 25 01:33:36 CST 2019
;; MSG SIZE rcvd: 11554.21.39.54.in-addr.arpa domain name pointer 54.ip-54-39-21.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
54.21.39.54.in-addr.arpa name = 54.ip-54-39-21.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 49.235.143.244 | attack | Jun 11 04:55:53 jumpserver sshd[22786]: Failed password for root from 49.235.143.244 port 57970 ssh2 Jun 11 04:59:20 jumpserver sshd[22801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.143.244 user=root Jun 11 04:59:23 jumpserver sshd[22801]: Failed password for root from 49.235.143.244 port 45478 ssh2 ... |
2020-06-11 17:30:43 |
| 100.241.2.60 | spam | A motivating discussion is definitely worth comment. I do believe that you need to write more about this issue, it may not be a taboo subject but typically people don't discuss such issues. To the next! Best wishes!! Viagra on line acquisto Kamagra Oral Jelly ordinare Viagra Super Active |
2020-06-11 17:53:40 |
| 185.39.10.48 | attackspam | 06/11/2020-03:23:53.493394 185.39.10.48 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-06-11 17:28:57 |
| 106.13.206.10 | attack | Jun 11 00:18:41 ny01 sshd[12345]: Failed password for root from 106.13.206.10 port 39438 ssh2 Jun 11 00:22:11 ny01 sshd[12828]: Failed password for root from 106.13.206.10 port 53686 ssh2 Jun 11 00:25:51 ny01 sshd[13636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.10 |
2020-06-11 17:43:29 |
| 219.135.209.13 | attackspam | 2020-06-11T03:47:53.766044dmca.cloudsearch.cf sshd[1855]: Invalid user jester from 219.135.209.13 port 46166 2020-06-11T03:47:53.772706dmca.cloudsearch.cf sshd[1855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.135.209.13 2020-06-11T03:47:53.766044dmca.cloudsearch.cf sshd[1855]: Invalid user jester from 219.135.209.13 port 46166 2020-06-11T03:47:55.674780dmca.cloudsearch.cf sshd[1855]: Failed password for invalid user jester from 219.135.209.13 port 46166 ssh2 2020-06-11T03:51:10.234714dmca.cloudsearch.cf sshd[2056]: Invalid user minerva from 219.135.209.13 port 51966 2020-06-11T03:51:10.240905dmca.cloudsearch.cf sshd[2056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.135.209.13 2020-06-11T03:51:10.234714dmca.cloudsearch.cf sshd[2056]: Invalid user minerva from 219.135.209.13 port 51966 2020-06-11T03:51:12.188032dmca.cloudsearch.cf sshd[2056]: Failed password for invalid user minerva from 21 ... |
2020-06-11 17:57:07 |
| 220.123.241.30 | attackbots | ssh brute force |
2020-06-11 18:00:20 |
| 198.38.82.252 | attackspam | Probing for vulnerable PHP code |
2020-06-11 17:47:52 |
| 222.223.32.227 | attackspam | Jun 11 05:51:04 * sshd[13886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.223.32.227 Jun 11 05:51:06 * sshd[13886]: Failed password for invalid user bs from 222.223.32.227 port 58076 ssh2 |
2020-06-11 18:00:53 |
| 120.132.14.42 | attackspam | Jun 11 09:11:04 vmd48417 sshd[11609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.14.42 |
2020-06-11 17:45:01 |
| 186.159.6.116 | attackspambots | Honeypot attack, port: 445, PTR: adsl-186-159-6-116.edatel.net.co. |
2020-06-11 17:54:10 |
| 50.63.196.154 | attack | Automatic report - XMLRPC Attack |
2020-06-11 17:37:07 |
| 5.139.213.34 | attack | SMB Server BruteForce Attack |
2020-06-11 17:57:56 |
| 103.78.81.227 | attack | Failed password for invalid user yuanxiangchi from 103.78.81.227 port 39102 ssh2 |
2020-06-11 17:56:27 |
| 119.194.214.43 | attackbots | Jun 10 21:51:18 Host-KLAX-C postfix/submission/smtpd[6053]: lost connection after CONNECT from unknown[119.194.214.43] ... |
2020-06-11 17:54:39 |
| 91.223.227.253 | attack | Port Scan detected! ... |
2020-06-11 18:03:43 |