Go
129.213.38.54
is a
Hacker
100 %
United States
Report Abuse
148attacks reported
104Brute-ForceSSH
17Brute-Force
14SSH
5uncategorized
2HackingBrute-ForceSSH
1Web App Attack
1Port Scan
1Port ScanHackingBrute-ForceSSH
1FTP Brute-ForceHacking
1Bad Web Bot
...
1abuse reported
1Web SpamBrute-ForceSSH
from 76 distinct reporters
and 7 distinct sources : BadIPs.com, Blocklist.de, darklist.de, FireHOL, GreenSnow.co, VoIPBL.org, AbuseIPDB
129.213.38.54 was first signaled at 2020-07-05 01:02 and last record was at 2020-08-04 12:23.
IP

129.213.38.54

Organization
Oracle Corporation
Localisation
United States
California, Redwood City
NetRange : First & Last IP
129.213.0.0 - 129.213.255.255
Network CIDR
129.213.0.0/16

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2020-08-03 04:35 attacks Brute-ForceSSH AbuseIPDB Aug 3 13:29:40 scw-tender-jepsen sshd[2968]: Failed password for root from 129.213.38.54 port 33040 ssh2
2020-08-03 04:05 attacks Brute-ForceSSH AbuseIPDB Aug 3 15:02:56 vps647732 sshd[16057]: Failed password for root from 129.213.38.54 port 53154 ssh2
2020-08-03 03:38 attacks Brute-ForceSSH AbuseIPDB Aug 3 14:36:53 vps647732 sshd[15429]: Failed password for root from 129.213.38.54 port 32964 ssh2
2020-08-03 03:13 attacks Brute-ForceSSH AbuseIPDB Aug 3 14:11:12 vps647732 sshd[14673]: Failed password for root from 129.213.38.54 port 41026 ssh2
2020-08-03 02:48 attacks Brute-ForceSSH AbuseIPDB Aug 3 13:46:20 vps647732 sshd[13829]: Failed password for root from 129.213.38.54 port 49094 ssh2
2020-08-03 02:23 attacks Brute-ForceSSH AbuseIPDB Aug 3 13:21:49 vps647732 sshd[13172]: Failed password for root from 129.213.38.54 port 57180 ssh2
2020-08-03 01:57 attacks Brute-ForceSSH AbuseIPDB Aug 3 12:52:14 vps647732 sshd[12492]: Failed password for root from 129.213.38.54 port 47600 ssh2
2020-08-02 20:50 attacks Brute-ForceSSH AbuseIPDB Aug 3 07:41:33 minden010 sshd[31238]: Failed password for root from 129.213.38.54 port 56718 ssh2 Aug 3 07:45:53 minden010 sshd[32712]: Failed passwor
2020-08-02 20:06 attacks Brute-Force AbuseIPDB Banned for a week because repeated abuses, for example SSH, but not only
2020-08-02 19:40 attacks Brute-ForceSSH AbuseIPDB Aug 3 06:32:15 minden010 sshd[10279]: Failed password for root from 129.213.38.54 port 41748 ssh2 Aug 3 06:36:11 minden010 sshd[11605]: Failed passwor
2020-08-02 19:30 attacks Brute-ForceSSH AbuseIPDB Aug 3 06:26:50 pve1 sshd[29855]: Failed password for root from 129.213.38.54 port 56254 ssh2
2020-08-02 18:35 attacks Brute-ForceSSH AbuseIPDB 2020-08-03T05:31:32.301331centos sshd[5600]: Failed password for root from 129.213.38.54 port 41676 ssh2 2020-08-03T05:35:22.291087centos sshd[5829]:
2020-08-02 18:30 attacks Brute-ForceSSH AbuseIPDB SSH Brute-Force attacks
2020-08-02 18:29 attacks Brute-ForceSSH AbuseIPDB Aug 3 05:21:29 minden010 sshd[20526]: Failed password for root from 129.213.38.54 port 41124 ssh2 Aug 3 05:25:27 minden010 sshd[21836]: Failed passwor
2020-08-02 18:24 attacks Brute-ForceSSH AbuseIPDB Aug 3 05:03:12 dev0-dcde-rnet sshd[17245]: Failed password for root from 129.213.38.54 port 37824 ssh2 Aug 3 05:20:32 dev0-dcde-rnet sshd[17525]: Fail
2020-08-02 18:24 attacks Brute-ForceSSH AbuseIPDB Aug 3 05:16:16 pve1 sshd[2573]: Failed password for root from 129.213.38.54 port 37762 ssh2
2020-08-02 18:20 attacks Brute-ForceSSH AbuseIPDB Aug 3 05:03:53 vm0 sshd[812]: Failed password for root from 129.213.38.54 port 54840 ssh2
2020-08-02 18:13 attacks Brute-ForceSSH AbuseIPDB Bruteforce detected by fail2ban
2020-08-02 03:37 attacks Brute-ForceSSH AbuseIPDB Aug 2 14:35:23 *hidden* sshd[52834]: Failed password for *hidden* from 129.213.38.54 port 59082 ssh2 Aug 2 14:37:50 *hidden* sshd[53145]: pam_unix(ssh
2020-08-02 03:15 attacks Brute-Force AbuseIPDB 2020-08-02T14:14:16.063566+02:00 <masked> sshd[6427]: Failed password for root from 129.213.38.54 port 42536 ssh2
2020-08-02 02:32 attacks Brute-ForceSSH AbuseIPDB Aug 2 13:29:41 *hidden* sshd[42154]: Failed password for *hidden* from 129.213.38.54 port 51636 ssh2 Aug 2 13:32:06 *hidden* sshd[42682]: pam_unix(ssh
2020-08-01 09:16 attacks HackingBrute-ForceSSH AbuseIPDB 2020-08-01T12:16:32.296011linuxbox-skyline sshd[22159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.21
2020-08-01 08:53 attacks SSH AbuseIPDB Aug 1 19:44:56 OPSO sshd\[13630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-08-01 08:32 attacks SSH AbuseIPDB Aug 1 19:24:43 OPSO sshd\[8262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root A
2020-08-01 08:12 attacks SSH AbuseIPDB Aug 1 19:04:19 OPSO sshd\[3539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root A
2020-08-01 07:52 attacks SSH AbuseIPDB Aug 1 18:44:01 OPSO sshd\[31136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-08-01 07:31 attacks SSH AbuseIPDB Aug 1 18:23:28 OPSO sshd\[26227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-08-01 07:11 attacks SSH AbuseIPDB Aug 1 18:02:51 OPSO sshd\[22077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-08-01 00:37 attacks Brute-Force AbuseIPDB 2020-07-29 11:28:44,187 fail2ban.actions [18606]: NOTICE [sshd] Ban 129.213.38.54 2020-07-29 11:43:47,510 fail2ban.actions [18606]: NOTICE [sshd] Ban
2020-07-31 21:24 attacks Brute-ForceSSH AbuseIPDB  
2020-07-31 21:06 attacks SSH AbuseIPDB Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-31 21:01 attacks Brute-ForceSSH AbuseIPDB Jul 31 19:53:08 web9 sshd\[30746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-07-31 20:20 attacks Brute-ForceSSH AbuseIPDB Jul 31 19:12:42 web9 sshd\[25089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-07-31 20:01 attacks Brute-ForceSSH AbuseIPDB Jul 31 18:53:15 web9 sshd\[22690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-07-31 19:41 attacks Brute-ForceSSH AbuseIPDB Jul 31 18:33:54 web9 sshd\[20235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-07-31 19:22 attacks Brute-ForceSSH AbuseIPDB Jul 31 18:14:41 web9 sshd\[17654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-07-31 19:03 attacks Brute-ForceSSH AbuseIPDB Jul 31 17:55:25 web9 sshd\[14749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 user=root
2020-07-31 18:29 attacks Brute-ForceSSH AbuseIPDB Failed password for root from 129.213.38.54 port 48482 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12
2020-07-31 18:24 attacks Brute-Force AbuseIPDB $f2bV_matches
2020-07-31 15:24 attacks Brute-Force AbuseIPDB (sshd) Failed SSH login from 129.213.38.54 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 1 02
2020-07-31 11:05 attacks Brute-ForceSSH AbuseIPDB (sshd) Failed SSH login from 129.213.38.54 (US/United States/-): 5 in the last 3600 secs
2020-07-31 11:03 attacks Brute-ForceSSH AbuseIPDB  
2020-07-31 03:24 attacks Brute-ForceSSH AbuseIPDB 'Fail2Ban'
2020-07-31 00:27 attacks Brute-ForceSSH AbuseIPDB Jul 31 11:17:32 prod4 sshd\[8784\]: Failed password for root from 129.213.38.54 port 58254 ssh2 Jul 31 11:23:10 prod4 sshd\[11612\]: Failed password f
2020-07-30 21:11 attacks Brute-Force AbuseIPDB 2020-07-31T01:11:24.752619morrigan.ad5gb.com sshd[110103]: Failed password for root from 129.213.38.54 port 40990 ssh2 2020-07-31T01:11:25.412502morri
2020-07-30 18:32 attacks Brute-ForceSSH AbuseIPDB 2020-07-31T05:25:01.025253mail.broermann.family sshd[10345]: Failed password for root from 129.213.38.54 port 43080 ssh2 2020-07-31T05:28:45.845620mai
2020-07-30 13:01 attacks Brute-ForceSSH AbuseIPDB Jul 30 23:51:54 melroy-server sshd[19001]: Failed password for root from 129.213.38.54 port 55050 ssh2
2020-07-30 07:38 attacks Brute-ForceSSH AbuseIPDB SSH BruteForce Attack
2020-07-30 04:42 attacks Brute-ForceSSH AbuseIPDB Jul 30 20:42:54 webhost01 sshd[6700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 Jul 30 20:
2020-07-30 01:37 attacks Brute-ForceSSH AbuseIPDB Jul 30 12:37:55 pornomens sshd\[11195\]: Invalid user iao from 129.213.38.54 port 41156 Jul 30 12:37:55 pornomens sshd\[11195\]: pam_unix\(sshd:auth\)
2020-07-05 01:02 attacks Brute-Force AbuseIPDB " "
2020-07-05 01:21 attacks FTP Brute-ForceHacking AbuseIPDB Jul 5 11:59:38 atlas sshd[30431]: Failed password for r.r from 129.213.38.54 port 52684 ssh2 Jul 5 12:07:03 atlas sshd[30700]: pam_unix(sshd:auth): au
2020-07-05 01:28 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on ship
2020-07-05 04:11 attacks Brute-ForceSSH AbuseIPDB  
2020-07-05 10:17 attacks HackingBrute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF, Hack -
2020-07-05 10:21 attacks Brute-ForceSSH AbuseIPDB Jul 5 19:18:21 vlre-nyc-1 sshd\[23389\]: Invalid user marina from 129.213.38.54 Jul 5 19:18:21 vlre-nyc-1 sshd\[23389\]: pam_unix\(sshd:auth\): authen
2020-07-05 10:33 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on flow
2020-07-05 13:08 attacks Brute-ForceSSH AbuseIPDB Jul 6 00:07:52 ArkNodeAT sshd\[12477\]: Invalid user dolores from 129.213.38.54 Jul 6 00:07:52 ArkNodeAT sshd\[12477\]: pam_unix\(sshd:auth\): authent
2020-07-05 16:10 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches
2020-07-05 16:12 attacks Brute-ForceSSH AbuseIPDB Jul 6 03:12:43 ns3164893 sshd[20084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 Jul 6 03:1
2020-07-31 15:56 attacks bi_any_0_1d BadIPs.com  
2020-07-31 15:56 attacks SSH bi_sshd_0_1d BadIPs.com  
2020-07-31 15:57 attacks SSH bi_ssh_0_1d BadIPs.com  
2020-07-31 15:57 attacks blocklist_de Blocklist.de  
2020-07-31 15:57 attacks SSH blocklist_de_ssh Blocklist.de  
2020-07-31 15:59 attacks darklist_de darklist.de  
2020-07-31 16:01 attacks firehol_level2 FireHOL  
2020-08-01 15:06 attacks greensnow GreenSnow.co  
2020-08-02 14:00 attacks SSH bi_ssh-ddos_0_1d BadIPs.com  
2020-08-04 12:00 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2020-08-04 12:00 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2020-08-04 12:23 attacks Fraud VoIP voipbl VoIPBL.org  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 129.213.0.0 - 129.213.255.255
CIDR: 129.213.0.0/16
NetName: OC-195
NetHandle: NET-129-213-0-0-1
Parent: NET129 (NET-129-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Oracle Corporation (ORACLE-4)
RegDate: 2016-10-14
Updated: 2017-11-27
Ref: https://rdap.arin.net/registry/ip/ 129.213.0.0

OrgName: Oracle Corporation
OrgId: ORACLE-4
Address: 500 Oracle Parkway
Address: Attn: Domain Administrator
City: Redwood Shores
StateProv: CA
PostalCode: 94065
Country: US
RegDate: 1988-04-28
Updated: 2017-01-28
Ref: https://rdap.arin.net/registry/entity/ORACLE-4

OrgTechHandle: ORACL1-ARIN
OrgTechName: ORACLE NIS
OrgTechPhone: +1-650-506-2220
OrgTechEmail: domain-contact_ww_grp@oracle.com
OrgTechRef: https://rdap.arin.net/registry/entity/ORACL1-ARIN

OrgAbuseHandle: NISAM-ARIN
OrgAbuseName: Network Information Systems Abuse Management
OrgAbusePhone: +1-650-506-2220
OrgAbuseEmail: network-contact_ww_grp@oracle.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NISAM-ARIN


NetRange: 129.213.0.0 - 129.213.255.255
CIDR: 129.213.0.0/16
NetName: OC-195
NetHandle: NET-129-213-0-0-2
Parent: OC-195 (NET-129-213-0-0-1)
NetType: Reassigned
OriginAS:
Organization: Oracle Public Cloud (OC-195)
RegDate: 2017-12-01
Updated: 2017-12-01
Ref: https://rdap.arin.net/registry/ip/ 129.213.0.0

OrgName: Oracle Public Cloud
OrgId: OC-195
Address: 1501 4th Ave
Address: #1800
City: Seattle
StateProv: WA
PostalCode: 98101
Country: US
RegDate: 2016-04-06
Updated: 2017-11-28
Ref: https://rdap.arin.net/registry/entity/OC-195

OrgAbuseHandle: OBMO-ARIN
OrgAbuseName: Oracle Bare Metal Operations
OrgAbusePhone: +1-512-712-7403
OrgAbuseEmail: domain-contact_ww_grp@oracle.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/OBMO-ARIN

OrgTechHandle: OBMO-ARIN
OrgTechName: Oracle Bare Metal Operations
OrgTechPhone: +1-512-712-7403
OrgTechEmail: domain-contact_ww_grp@oracle.com
OrgTechRef: https://rdap.arin.net/registry/entity/OBMO-ARIN
most specific ip range is highlighted
Updated : 2020-07-17