27.1.253.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: DLIVE

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user suporte from 27.1.253.142 port 39162	2020-09-27 07:16:35
attackspam	Invalid user acct from 27.1.253.142 port 46286	2020-09-26 23:45:23
attack	Invalid user acct from 27.1.253.142 port 46286	2020-09-26 15:36:15
attack	Aug 25 13:00:29 pixelmemory sshd[387984]: Invalid user team from 27.1.253.142 port 56116 Aug 25 13:00:29 pixelmemory sshd[387984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Aug 25 13:00:29 pixelmemory sshd[387984]: Invalid user team from 27.1.253.142 port 56116 Aug 25 13:00:31 pixelmemory sshd[387984]: Failed password for invalid user team from 27.1.253.142 port 56116 ssh2 Aug 25 13:01:14 pixelmemory sshd[388117]: Invalid user hug from 27.1.253.142 port 35186 ...	2020-08-26 05:13:15
attack	Aug 21 17:29:33 journals sshd\[96101\]: Invalid user xufang from 27.1.253.142 Aug 21 17:29:33 journals sshd\[96101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Aug 21 17:29:34 journals sshd\[96101\]: Failed password for invalid user xufang from 27.1.253.142 port 39414 ssh2 Aug 21 17:32:04 journals sshd\[96374\]: Invalid user infoweb from 27.1.253.142 Aug 21 17:32:04 journals sshd\[96374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 ...	2020-08-21 23:09:15
attackspambots	Aug 7 01:06:00 vpn01 sshd[17529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Aug 7 01:06:02 vpn01 sshd[17529]: Failed password for invalid user enkjidc from 27.1.253.142 port 49670 ssh2 ...	2020-08-07 07:45:07
attackbotsspam	2020-08-01T13:52[Censored Hostname] sshd[25675]: Failed password for root from 27.1.253.142 port 59608 ssh2 2020-08-01T13:56[Censored Hostname] sshd[28172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 user=root 2020-08-01T13:56[Censored Hostname] sshd[28172]: Failed password for root from 27.1.253.142 port 48872 ssh2[...]	2020-08-01 20:02:49
attackbots	Jul 30 06:02:47 PorscheCustomer sshd[13668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Jul 30 06:02:48 PorscheCustomer sshd[13668]: Failed password for invalid user tbjeong from 27.1.253.142 port 56866 ssh2 Jul 30 06:06:36 PorscheCustomer sshd[13757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 ...	2020-07-30 16:19:58
attackbots	Jul 27 17:08:07 server sshd[26855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Jul 27 17:08:09 server sshd[26855]: Failed password for invalid user liuzc from 27.1.253.142 port 51966 ssh2 Jul 27 17:19:57 server sshd[27593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Jul 27 17:20:00 server sshd[27593]: Failed password for invalid user hyoseung from 27.1.253.142 port 34308 ssh2	2020-07-27 23:53:24
attackspambots	Jul 17 15:50:30 server sshd[22739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Jul 17 15:50:33 server sshd[22739]: Failed password for invalid user rapa from 27.1.253.142 port 37608 ssh2 Jul 17 15:54:55 server sshd[22988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 ...	2020-07-17 23:36:52
attackspam	Jun 1 06:09:42 haigwepa sshd[10463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.1.253.142 Jun 1 06:09:44 haigwepa sshd[10463]: Failed password for invalid user 123sa\r from 27.1.253.142 port 33660 ssh2 ...	2020-06-01 13:18:11
attackspam	May 4 17:26:16 firewall sshd[22041]: Invalid user 6yhn^YHN from 27.1.253.142 May 4 17:26:18 firewall sshd[22041]: Failed password for invalid user 6yhn^YHN from 27.1.253.142 port 46072 ssh2 May 4 17:27:19 firewall sshd[22068]: Invalid user bill from 27.1.253.142 ...	2020-05-05 04:43:04
attackbotsspam	$f2bV_matches	2020-04-18 15:31:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.1.253.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59581
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.1.253.142.			IN	A

;; AUTHORITY SECTION:
.			356	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041800 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 15:31:24 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 142.253.1.27.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.253.1.27.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.49.71.143	attackbots	2020-09-28T05:21:10.150864randservbullet-proofcloud-66.localdomain sshd[25593]: Invalid user export from 110.49.71.143 port 55208 2020-09-28T05:21:10.154538randservbullet-proofcloud-66.localdomain sshd[25593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.71.143 2020-09-28T05:21:10.150864randservbullet-proofcloud-66.localdomain sshd[25593]: Invalid user export from 110.49.71.143 port 55208 2020-09-28T05:21:12.883862randservbullet-proofcloud-66.localdomain sshd[25593]: Failed password for invalid user export from 110.49.71.143 port 55208 ssh2 ...	2020-09-28 13:58:46
185.239.242.27	attackbots	TCP (SYN) 185.239.242.27:60129 -> port 22, len 44	2020-09-28 13:29:42
178.62.52.150	attackbotsspam	Sep 28 06:23:51 rocket sshd[28276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.52.150 Sep 28 06:23:53 rocket sshd[28276]: Failed password for invalid user dp from 178.62.52.150 port 38170 ssh2 ...	2020-09-28 13:30:43
103.8.119.166	attack	2020-09-28T03:33:03.998181abusebot-8.cloudsearch.cf sshd[32347]: Invalid user test123 from 103.8.119.166 port 44486 2020-09-28T03:33:04.004130abusebot-8.cloudsearch.cf sshd[32347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.8.119.166 2020-09-28T03:33:03.998181abusebot-8.cloudsearch.cf sshd[32347]: Invalid user test123 from 103.8.119.166 port 44486 2020-09-28T03:33:05.650552abusebot-8.cloudsearch.cf sshd[32347]: Failed password for invalid user test123 from 103.8.119.166 port 44486 ssh2 2020-09-28T03:37:13.787878abusebot-8.cloudsearch.cf sshd[32425]: Invalid user admin from 103.8.119.166 port 50234 2020-09-28T03:37:13.792934abusebot-8.cloudsearch.cf sshd[32425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.8.119.166 2020-09-28T03:37:13.787878abusebot-8.cloudsearch.cf sshd[32425]: Invalid user admin from 103.8.119.166 port 50234 2020-09-28T03:37:15.960564abusebot-8.cloudsearch.cf sshd[32425]: ...	2020-09-28 13:51:50
123.140.114.252	attackspambots	Sep 28 02:03:58 ws22vmsma01 sshd[206961]: Failed password for root from 123.140.114.252 port 39114 ssh2 ...	2020-09-28 13:55:26
50.192.43.149	attackspambots	Automatic report - Banned IP Access	2020-09-28 13:45:43
95.85.24.147	attackbots	2020-09-28T09:03:41.781297snf-827550 sshd[24710]: Invalid user kfserver from 95.85.24.147 port 34068 2020-09-28T09:03:44.738371snf-827550 sshd[24710]: Failed password for invalid user kfserver from 95.85.24.147 port 34068 ssh2 2020-09-28T09:07:08.301319snf-827550 sshd[24727]: Invalid user adi from 95.85.24.147 port 41832 ...	2020-09-28 14:07:45
218.108.52.58	attackspam	$f2bV_matches	2020-09-28 13:54:58
211.141.234.16	attack	Sep 27 20:38:55 TCP Attack: SRC=211.141.234.16 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=101 PROTO=TCP SPT=6000 DPT=31433 WINDOW=16384 RES=0x00 SYN URGP=0	2020-09-28 14:07:07
138.128.216.164	attackbotsspam	2020-09-28T04:33:06.444088abusebot-8.cloudsearch.cf sshd[1148]: Invalid user postgres from 138.128.216.164 port 57788 2020-09-28T04:33:06.460779abusebot-8.cloudsearch.cf sshd[1148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.128.216.164.16clouds.com 2020-09-28T04:33:06.444088abusebot-8.cloudsearch.cf sshd[1148]: Invalid user postgres from 138.128.216.164 port 57788 2020-09-28T04:33:08.605115abusebot-8.cloudsearch.cf sshd[1148]: Failed password for invalid user postgres from 138.128.216.164 port 57788 ssh2 2020-09-28T04:38:27.844867abusebot-8.cloudsearch.cf sshd[1214]: Invalid user test3 from 138.128.216.164 port 37166 2020-09-28T04:38:27.854301abusebot-8.cloudsearch.cf sshd[1214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.128.216.164.16clouds.com 2020-09-28T04:38:27.844867abusebot-8.cloudsearch.cf sshd[1214]: Invalid user test3 from 138.128.216.164 port 37166 2020-09-28T04:38:30.063053abu ...	2020-09-28 13:34:44
119.45.129.210	attackspambots	Triggered by Fail2Ban at Ares web server	2020-09-28 14:03:23
122.172.170.12	attackbots	Sep 28 11:04:42 web1 sshd[25679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.172.170.12 user=root Sep 28 11:04:44 web1 sshd[25679]: Failed password for root from 122.172.170.12 port 55777 ssh2 Sep 28 11:13:13 web1 sshd[28960]: Invalid user git from 122.172.170.12 port 26497 Sep 28 11:13:13 web1 sshd[28960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.172.170.12 Sep 28 11:13:13 web1 sshd[28960]: Invalid user git from 122.172.170.12 port 26497 Sep 28 11:13:15 web1 sshd[28960]: Failed password for invalid user git from 122.172.170.12 port 26497 ssh2 Sep 28 11:17:27 web1 sshd[30332]: Invalid user sales from 122.172.170.12 port 43585 Sep 28 11:17:27 web1 sshd[30332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.172.170.12 Sep 28 11:17:27 web1 sshd[30332]: Invalid user sales from 122.172.170.12 port 43585 Sep 28 11:17:30 web1 sshd[30332]: Failed pas ...	2020-09-28 13:32:52
139.59.141.196	attack	WordPress wp-login brute force :: 139.59.141.196 0.116 - [28/Sep/2020:05:49:23 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-09-28 13:58:01
202.184.30.216	attackbotsspam	Sep 28 07:38:03 haigwepa sshd[21147]: Failed password for root from 202.184.30.216 port 35916 ssh2 Sep 28 07:40:52 haigwepa sshd[21531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.184.30.216 ...	2020-09-28 14:08:37
150.109.52.213	attack	srv02 Mass scanning activity detected Target: 22464 ..	2020-09-28 13:59:20

Recently Reported IPs

5.180.138.253	62.234.151.121	210.112.27.51	164.68.127.40
110.137.44.19	193.182.144.49	89.187.178.155	186.88.222.187
64.225.36.201	142.93.112.41	106.75.157.51	111.229.111.160
184.154.87.41	178.128.39.131	60.211.203.150	194.5.233.129
106.12.98.42	50.27.238.105	84.225.93.8	200.124.146.72