138.204.27.114

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Copel Telecomunicacoes S.A.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Bruteforce detected by fail2ban	2020-04-13 19:47:46
attackbots	Apr 12 05:24:34 game-panel sshd[19027]: Failed password for root from 138.204.27.114 port 59697 ssh2 Apr 12 05:29:33 game-panel sshd[19235]: Failed password for root from 138.204.27.114 port 34193 ssh2	2020-04-12 14:08:23

Type

Details

Datetime

attackspambots

Bruteforce detected by fail2ban

2020-04-13 19:47:46

attackbots

Apr 12 05:24:34 game-panel sshd[19027]: Failed password for root from 138.204.27.114 port 59697 ssh2
Apr 12 05:29:33 game-panel sshd[19235]: Failed password for root from 138.204.27.114 port 34193 ssh2

2020-04-12 14:08:23

Comments on same subnet:

IP	Type	Details	Datetime
138.204.27.200	attack	Lines containing failures of 138.204.27.200 Sep 4 08:37:47 penfold sshd[21276]: Invalid user returnbikegate from 138.204.27.200 port 43170 Sep 4 08:37:47 penfold sshd[21276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 08:37:49 penfold sshd[21276]: Failed password for invalid user returnbikegate from 138.204.27.200 port 43170 ssh2 Sep 4 08:37:52 penfold sshd[21276]: Received disconnect from 138.204.27.200 port 43170:11: Bye Bye [preauth] Sep 4 08:37:52 penfold sshd[21276]: Disconnected from invalid user returnbikegate 138.204.27.200 port 43170 [preauth] Sep 4 09:02:52 penfold sshd[23630]: Invalid user app from 138.204.27.200 port 48805 Sep 4 09:02:52 penfold sshd[23630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 09:02:54 penfold sshd[23630]: Failed password for invalid user app from 138.204.27.200 port 48805 ssh2 Sep 4 09:02:55 pe........ ------------------------------	2020-09-07 03:00:46
138.204.27.200	attackspambots	Lines containing failures of 138.204.27.200 Sep 4 08:37:47 penfold sshd[21276]: Invalid user returnbikegate from 138.204.27.200 port 43170 Sep 4 08:37:47 penfold sshd[21276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 08:37:49 penfold sshd[21276]: Failed password for invalid user returnbikegate from 138.204.27.200 port 43170 ssh2 Sep 4 08:37:52 penfold sshd[21276]: Received disconnect from 138.204.27.200 port 43170:11: Bye Bye [preauth] Sep 4 08:37:52 penfold sshd[21276]: Disconnected from invalid user returnbikegate 138.204.27.200 port 43170 [preauth] Sep 4 09:02:52 penfold sshd[23630]: Invalid user app from 138.204.27.200 port 48805 Sep 4 09:02:52 penfold sshd[23630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 09:02:54 penfold sshd[23630]: Failed password for invalid user app from 138.204.27.200 port 48805 ssh2 Sep 4 09:02:55 pe........ ------------------------------	2020-09-06 18:26:06
138.204.27.214	attackspam	SSH BruteForce Attack	2020-07-09 15:29:43
138.204.27.192	attackbots	Jun 22 15:06:20 mockhub sshd[28590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.192 Jun 22 15:06:23 mockhub sshd[28590]: Failed password for invalid user developer from 138.204.27.192 port 23265 ssh2 ...	2020-06-23 07:29:53
138.204.27.192	attackspambots	Jun 5 15:15:53 vmi345603 sshd[8295]: Failed password for root from 138.204.27.192 port 18517 ssh2 ...	2020-06-05 22:07:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.204.27.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15869
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.204.27.114.			IN	A

;; AUTHORITY SECTION:
.			579	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041200 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 12 14:08:16 CST 2020
;; MSG SIZE  rcvd: 118

Host info

114.27.204.138.in-addr.arpa domain name pointer 114.27.204.138.rfc6598.dynamic.copelfibra.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
114.27.204.138.in-addr.arpa	name = 114.27.204.138.rfc6598.dynamic.copelfibra.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.92.41	attack	ssh brute force	2020-06-13 17:32:14
106.75.28.38	attack	Jun 13 14:47:42 gw1 sshd[27896]: Failed password for root from 106.75.28.38 port 43141 ssh2 ...	2020-06-13 17:57:26
104.41.39.100	attackspambots	Jun 13 09:34:06 vps639187 sshd\[17273\]: Invalid user azure from 104.41.39.100 port 51680 Jun 13 09:34:06 vps639187 sshd\[17273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.41.39.100 Jun 13 09:34:08 vps639187 sshd\[17273\]: Failed password for invalid user azure from 104.41.39.100 port 51680 ssh2 ...	2020-06-13 17:39:31
178.216.249.168	attackspambots	Jun 13 09:16:51 marvibiene sshd[37071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.216.249.168 user=root Jun 13 09:16:53 marvibiene sshd[37071]: Failed password for root from 178.216.249.168 port 44198 ssh2 Jun 13 09:35:37 marvibiene sshd[37214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.216.249.168 user=root Jun 13 09:35:39 marvibiene sshd[37214]: Failed password for root from 178.216.249.168 port 39914 ssh2 ...	2020-06-13 17:48:40
90.93.188.157	attackbotsspam	Lines containing failures of 90.93.188.157 Jun 11 09:08:07 jarvis sshd[17343]: Invalid user admin from 90.93.188.157 port 48588 Jun 11 09:08:07 jarvis sshd[17343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.93.188.157 Jun 11 09:08:08 jarvis sshd[17343]: Failed password for invalid user admin from 90.93.188.157 port 48588 ssh2 Jun 11 09:08:10 jarvis sshd[17343]: Received disconnect from 90.93.188.157 port 48588:11: Bye Bye [preauth] Jun 11 09:08:10 jarvis sshd[17343]: Disconnected from invalid user admin 90.93.188.157 port 48588 [preauth] Jun 11 09:24:16 jarvis sshd[18942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.93.188.157 user=r.r Jun 11 09:24:19 jarvis sshd[18942]: Failed password for r.r from 90.93.188.157 port 39995 ssh2 Jun 11 09:24:20 jarvis sshd[18942]: Received disconnect from 90.93.188.157 port 39995:11: Bye Bye [preauth] Jun 11 09:24:20 jarvis sshd[18942]: Disco........ ------------------------------	2020-06-13 17:37:31
198.27.90.106	attack	2020-06-13T10:58:07.175939vps773228.ovh.net sshd[7400]: Failed password for root from 198.27.90.106 port 59395 ssh2 2020-06-13T11:01:25.902473vps773228.ovh.net sshd[7469]: Invalid user db2adm1 from 198.27.90.106 port 59940 2020-06-13T11:01:25.909467vps773228.ovh.net sshd[7469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.90.106 2020-06-13T11:01:25.902473vps773228.ovh.net sshd[7469]: Invalid user db2adm1 from 198.27.90.106 port 59940 2020-06-13T11:01:27.803091vps773228.ovh.net sshd[7469]: Failed password for invalid user db2adm1 from 198.27.90.106 port 59940 ssh2 ...	2020-06-13 17:44:43
62.12.114.172	attackbotsspam	(sshd) Failed SSH login from 62.12.114.172 (KE/Kenya/static-62-12-114-172.ips.angani.co): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 13 10:17:46 amsweb01 sshd[15048]: User daemon from 62.12.114.172 not allowed because not listed in AllowUsers Jun 13 10:17:46 amsweb01 sshd[15048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.12.114.172 user=daemon Jun 13 10:17:46 amsweb01 sshd[15046]: User daemon from 62.12.114.172 not allowed because not listed in AllowUsers Jun 13 10:17:46 amsweb01 sshd[15046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.12.114.172 user=daemon Jun 13 10:17:48 amsweb01 sshd[15048]: Failed password for invalid user daemon from 62.12.114.172 port 41318 ssh2	2020-06-13 18:12:25
106.12.197.232	attackspambots	Jun 13 07:40:35 ns382633 sshd\[15788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.232 user=root Jun 13 07:40:38 ns382633 sshd\[15788\]: Failed password for root from 106.12.197.232 port 51268 ssh2 Jun 13 08:02:07 ns382633 sshd\[19285\]: Invalid user luciano from 106.12.197.232 port 44496 Jun 13 08:02:07 ns382633 sshd\[19285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.232 Jun 13 08:02:09 ns382633 sshd\[19285\]: Failed password for invalid user luciano from 106.12.197.232 port 44496 ssh2	2020-06-13 18:18:18
118.24.30.97	attack	Jun 13 07:23:48 django-0 sshd\[6486\]: Invalid user postgres from 118.24.30.97Jun 13 07:23:49 django-0 sshd\[6486\]: Failed password for invalid user postgres from 118.24.30.97 port 47948 ssh2Jun 13 07:26:46 django-0 sshd\[6572\]: Invalid user centos from 118.24.30.97 ...	2020-06-13 17:32:28
112.85.42.173	attack	Jun 13 12:05:29 vps sshd[131860]: Failed password for root from 112.85.42.173 port 33368 ssh2 Jun 13 12:05:34 vps sshd[131860]: Failed password for root from 112.85.42.173 port 33368 ssh2 Jun 13 12:05:37 vps sshd[131860]: Failed password for root from 112.85.42.173 port 33368 ssh2 Jun 13 12:05:41 vps sshd[131860]: Failed password for root from 112.85.42.173 port 33368 ssh2 Jun 13 12:05:44 vps sshd[131860]: Failed password for root from 112.85.42.173 port 33368 ssh2 ...	2020-06-13 18:15:14
182.122.19.133	attackspambots	Wordpress malicious attack:[sshd]	2020-06-13 17:50:23
213.0.69.74	attackspambots	2020-06-13T08:28:45.916989ionos.janbro.de sshd[106332]: Failed password for invalid user wyjeong from 213.0.69.74 port 38176 ssh2 2020-06-13T08:32:26.351873ionos.janbro.de sshd[106351]: Invalid user smh from 213.0.69.74 port 47808 2020-06-13T08:32:26.365242ionos.janbro.de sshd[106351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.0.69.74 2020-06-13T08:32:26.351873ionos.janbro.de sshd[106351]: Invalid user smh from 213.0.69.74 port 47808 2020-06-13T08:32:28.529292ionos.janbro.de sshd[106351]: Failed password for invalid user smh from 213.0.69.74 port 47808 ssh2 2020-06-13T08:35:46.168274ionos.janbro.de sshd[106372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.0.69.74 user=root 2020-06-13T08:35:48.117190ionos.janbro.de sshd[106372]: Failed password for root from 213.0.69.74 port 57460 ssh2 2020-06-13T08:39:10.532465ionos.janbro.de sshd[106381]: pam_unix(sshd:auth): authentication failure; logn ...	2020-06-13 17:52:52
45.138.100.247	attackspambots	Chat Spam	2020-06-13 17:38:30
123.118.20.146	attack	Unauthorized connection attempt detected from IP address 123.118.20.146 to port 23	2020-06-13 17:57:04
192.35.169.34	attackbots	Jun 13 10:48:40 debian-2gb-nbg1-2 kernel: \[14296837.762386\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=192.35.169.34 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=34 ID=52178 PROTO=TCP SPT=48269 DPT=9213 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-13 17:41:04

Recently Reported IPs

125.71.133.252	125.163.177.69	37.43.60.43	34.216.59.105
219.92.251.237	111.206.250.203	110.137.139.155	66.249.79.145
171.226.4.142	5.135.189.48	3.21.125.205	51.77.39.255
106.13.129.119	103.133.26.55	27.62.190.33	14.228.107.237
116.119.80.144	62.210.219.124	81.55.122.205	13.76.161.26