27.100.42.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Advanced Info Service Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:33.	2019-11-16 20:17:48

Comments on same subnet:

IP	Type	Details	Datetime
27.100.42.1	attackspambots	Unauthorized connection attempt from IP address 27.100.42.1 on Port 445(SMB)	2020-02-10 01:39:56
27.100.42.0	attack	Unauthorized connection attempt from IP address 27.100.42.0 on Port 445(SMB)	2019-10-20 00:08:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.100.42.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46118
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.100.42.2.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111600 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 16 20:17:38 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.42.100.27.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.42.100.27.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.135.48.40	attackbotsspam	Jul 6 23:12:16 ip-172-31-1-72 sshd\[1774\]: Invalid user ftptest from 220.135.48.40 Jul 6 23:12:16 ip-172-31-1-72 sshd\[1774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.135.48.40 Jul 6 23:12:18 ip-172-31-1-72 sshd\[1774\]: Failed password for invalid user ftptest from 220.135.48.40 port 60808 ssh2 Jul 6 23:15:29 ip-172-31-1-72 sshd\[1828\]: Invalid user username from 220.135.48.40 Jul 6 23:15:29 ip-172-31-1-72 sshd\[1828\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.135.48.40	2019-07-07 07:23:48
37.139.24.190	attack	Jul 7 00:07:12 dev sshd\[23354\]: Invalid user pokemon from 37.139.24.190 port 41222 Jul 7 00:07:12 dev sshd\[23354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.24.190 ...	2019-07-07 07:16:09
162.255.87.22	attackbotsspam	$f2bV_matches	2019-07-07 06:35:58
129.150.122.243	attackspambots	Jul 7 01:12:46 cp sshd[7631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.150.122.243 Jul 7 01:12:47 cp sshd[7631]: Failed password for invalid user apagar from 129.150.122.243 port 30122 ssh2 Jul 7 01:15:41 cp sshd[9285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.150.122.243	2019-07-07 07:22:51
157.55.39.101	attackbots	Automatic report - Web App Attack	2019-07-07 07:03:12
142.93.241.93	attackbots	SSH bruteforce	2019-07-07 07:13:27
45.114.68.168	attack	proto=tcp . spt=42713 . dpt=25 . (listed on Github Combined on 3 lists ) (515)	2019-07-07 06:52:44
117.50.44.215	attackspam	Jul 6 18:43:52 server01 sshd\[30795\]: Invalid user typo3 from 117.50.44.215 Jul 6 18:43:52 server01 sshd\[30795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Jul 6 18:43:54 server01 sshd\[30795\]: Failed password for invalid user typo3 from 117.50.44.215 port 50762 ssh2 ...	2019-07-07 06:54:27
187.61.125.233	attackbotsspam	SMTP-sasl brute force ...	2019-07-07 06:59:52
58.72.155.170	attack	Jul 2 00:32:05 xb0 sshd[29334]: Failed password for invalid user user3 from 58.72.155.170 port 47948 ssh2 Jul 2 00:32:05 xb0 sshd[29334]: Received disconnect from 58.72.155.170: 11: Bye Bye [preauth] Jul 2 00:37:31 xb0 sshd[30567]: Failed password for invalid user Rupesh from 58.72.155.170 port 47646 ssh2 Jul 2 00:37:31 xb0 sshd[30567]: Received disconnect from 58.72.155.170: 11: Bye Bye [preauth] Jul 2 00:40:04 xb0 sshd[4185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.72.155.170 user=r.r Jul 2 00:40:05 xb0 sshd[4185]: Failed password for r.r from 58.72.155.170 port 45232 ssh2 Jul 2 00:40:06 xb0 sshd[4185]: Received disconnect from 58.72.155.170: 11: Bye Bye [preauth] Jul 2 00:42:38 xb0 sshd[31011]: Failed password for invalid user sinusbot from 58.72.155.170 port 42828 ssh2 Jul 2 00:42:38 xb0 sshd[31011]: Received disconnect from 58.72.155.170: 11: Bye Bye [preauth] Jul 2 00:45:04 xb0 sshd[3712]: Failed passwo........ -------------------------------	2019-07-07 06:48:52
88.138.112.63	attack	Jul 6 13:14:15 marvibiene sshd[23810]: Invalid user pi from 88.138.112.63 port 57412 Jul 6 13:14:15 marvibiene sshd[23811]: Invalid user pi from 88.138.112.63 port 57410 ...	2019-07-07 06:56:31
184.105.139.113	attack	30005/tcp 9200/tcp 8443/tcp... [2019-05-07/07-05]40pkt,9pt.(tcp),3pt.(udp)	2019-07-07 06:47:37
140.246.140.86	attack	Multiple failed RDP login attempts	2019-07-07 07:17:21
78.128.113.66	attack	Jul 7 00:24:48 mail postfix/smtpd\[25622\]: warning: unknown\[78.128.113.66\]: SASL PLAIN authentication failed: \ Jul 7 01:15:09 mail postfix/smtpd\[26619\]: warning: unknown\[78.128.113.66\]: SASL PLAIN authentication failed: \ Jul 7 01:15:17 mail postfix/smtpd\[26619\]: warning: unknown\[78.128.113.66\]: SASL PLAIN authentication failed: \ Jul 7 01:17:04 mail postfix/smtpd\[26855\]: warning: unknown\[78.128.113.66\]: SASL PLAIN authentication failed: \	2019-07-07 07:25:17
114.108.177.104	attack	proto=tcp . spt=34942 . dpt=25 . (listed on Blocklist de Jul 05) (522)	2019-07-07 06:41:55

Recently Reported IPs

119.27.165.198	170.83.240.225	130.0.35.62	120.29.77.165
118.69.116.52	118.194.226.100	151.184.170.193	117.241.247.239
245.101.228.55	24.157.143.154	113.254.211.100	103.233.122.55
103.99.37.39	148.121.103.20	1.55.227.84	112.225.253.170
216.6.152.52	213.39.181.205	204.132.77.54	173.245.52.79