AbuseIPDB » 54.39.22.135

54.39.22.135 was found in our database!

This IP was reported 923 times. Confidence of Abuse is 100%: ?

100%

ISP	OVH Hosting Inc.
Usage Type	Data Center/Web Hosting/Transit
Hostname(s)	135.ip-54-39-22.net
Domain Name	ovh.com
Country	Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 54.39.22.135

Whois 54.39.22.135

IP Abuse Reports for 54.39.22.135:

This IP address has been reported a total of 923 times from 123 distinct sources. 54.39.22.135 was first reported on November 21st 2020, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
SpaceHost-Server	1 hour ago	54.39.22.135 - - [11/Apr/2021:21:58:58 +0200] "POST /wp-login.php HTTP/1.0" 200 9146 "-" "Mozilla/5. ... show more54.39.22.135 - - [11/Apr/2021:21:58:58 +0200] "POST /wp-login.php HTTP/1.0" 200 9146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [11/Apr/2021:21:59:00 +0200] "POST /wp-login.php HTTP/1.0" 200 9013 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [11/Apr/2021:21:59:02 +0200] "POST /wp-login.php HTTP/1.0" 200 9009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" show less	Hacking Web App Attack
Anonymous	10 hours ago	www.handydirektreparatur.de 54.39.22.135 [11/Apr/2021:12:45:01 +0200] "POST /wp-login.php HTTP/1.1" ... show morewww.handydirektreparatur.de 54.39.22.135 [11/Apr/2021:12:45:01 +0200] "POST /wp-login.php HTTP/1.1" 200 6686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 54.39.22.135 [11/Apr/2021:12:45:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3988 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" show less	Web App Attack
Samuel K	12 hours ago	Web scan/attack	Port Scan Web App Attack
bsoft.de	14 hours ago	54.39.22.135 - - [11/Apr/2021:08:41:32 +0200] "GET /wp-login.php HTTP/1.1" 200 9907 "-" "Mozilla/5.0 ... show more54.39.22.135 - - [11/Apr/2021:08:41:32 +0200] "GET /wp-login.php HTTP/1.1" 200 9907 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [11/Apr/2021:08:41:34 +0200] "POST /wp-login.php HTTP/1.1" 200 10158 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [11/Apr/2021:08:41:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" show less	Web App Attack
SpaceHost-Server	16 hours ago	54.39.22.135 - - [11/Apr/2021:07:23:31 +0200] "POST /wp-login.php HTTP/1.0" 200 3383 "-" "Mozilla/5. ... show more54.39.22.135 - - [11/Apr/2021:07:23:31 +0200] "POST /wp-login.php HTTP/1.0" 200 3383 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [11/Apr/2021:07:23:34 +0200] "POST /wp-login.php HTTP/1.0" 200 3385 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [11/Apr/2021:07:23:36 +0200] "POST /wp-login.php HTTP/1.0" 200 3381 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" show less	Hacking Web App Attack
pusathosting.com	21 hours ago	pusattra 54.39.22.135 [07/Apr/2021:10:43:55 "-" "POST /wp-login.php 200 8365 54.39.22.135 [07/ ... show morepusattra 54.39.22.135 [07/Apr/2021:10:43:55 "-" "POST /wp-login.php 200 8365 54.39.22.135 [07/Apr/2021:10:43:56 "-" "GET /wp-login.php 200 8365 54.39.22.135 [07/Apr/2021:10:43:57 "-" "POST /wp-login.php 200 8365 show less	Brute-Force Web App Attack
security.rdmc.fr	10 Apr 2021	Automatic report - Banned IP Access	Web App Attack
UKFast Security	10 Apr 2021	CMS (WordPress or Joomla) brute force attempt.	Brute-Force
Anonymous	10 Apr 2021	54.39.22.135 - - [10/Apr/2021:07:52:39 +0200] "POST /wp-login.php HTTP/1.1" 200 6518 "-" "Mozilla/5. ... show more54.39.22.135 - - [10/Apr/2021:07:52:39 +0200] "POST /wp-login.php HTTP/1.1" 200 6518 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [10/Apr/2021:07:52:40 +0200] "POST /wp-login.php HTTP/1.1" 200 6493 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [10/Apr/2021:07:52:41 +0200] "POST /wp-login.php HTTP/1.1" 200 6496 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... show less	SSH
ufn.edu.br	09 Apr 2021	[Fri Apr 09 08:49:48.551870 2021] [:error] [pid 165185] [client 54.39.22.135:49366] [client 54.39.22 ... show more[Fri Apr 09 08:49:48.551870 2021] [:error] [pid 165185] [client 54.39.22.135:49366] [client 54.39.22.135] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/xmlrpc.php"] [unique_id "[email protected]"] ... show less	DDoS Attack Web App Attack
dbip	09 Apr 2021	54.39.22.135 - - [09/Apr/2021:13:02:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1991 "-" "Mozilla/5.0 ... show more54.39.22.135 - - [09/Apr/2021:13:02:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1991 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:13:02:21 +0200] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:13:02:21 +0200] "GET /wp-login.php HTTP/1.1" 200 1991 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:13:02:22 +0200] "POST /wp-login.php HTTP/1.1" 200 2098 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:13:02:22 +0200] "GET /wp-login.php HTTP/1.1" 200 1991 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:13:02:23 +0200] "POST /wp-login.php HTTP/1.1" 200 2093 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ... show less	Brute-Force Web App Attack
bsoft.de	09 Apr 2021	54.39.22.135 - - [09/Apr/2021:11:43:01 +0200] "GET /wp-login.php HTTP/1.1" 200 9907 "-" "Mozilla/5.0 ... show more54.39.22.135 - - [09/Apr/2021:11:43:01 +0200] "GET /wp-login.php HTTP/1.1" 200 9907 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:11:43:02 +0200] "POST /wp-login.php HTTP/1.1" 200 10158 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.22.135 - - [09/Apr/2021:11:43:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" show less	Web App Attack
UKFast Security	09 Apr 2021	WordPress XML RPC POST Brute Force Attack	Web App Attack
OiledAmoeba	09 Apr 2021	54.39.22.135 - - [04/Apr/2021:07:02:01 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 3 ... show more54.39.22.135 - - [04/Apr/2021:07:02:01 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 3637 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 2.788 54.39.22.135 - - [04/Apr/2021:07:02:09 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 228 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 7.654 54.39.22.135 - - [08/Apr/2021:13:50:07 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 3636 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 2.645 54.39.22.135 - - [08/Apr/2021:13:50:09 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 228 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 1.648 54.39.22.135 - - [09/Apr/2021:09:00:04 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 3636 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 4.669 ... show less	Brute-Force
pusathosting.com	08 Apr 2021	pusattra 54.39.22.135 [07/Apr/2021:10:43:55 "-" "POST /wp-login.php 200 8365 54.39.22.135 [07/ ... show morepusattra 54.39.22.135 [07/Apr/2021:10:43:55 "-" "POST /wp-login.php 200 8365 54.39.22.135 [07/Apr/2021:10:43:56 "-" "GET /wp-login.php 200 8365 54.39.22.135 [07/Apr/2021:10:43:57 "-" "POST /wp-login.php 200 8365 show less	Brute-Force Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩