27.104.135.156

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: M1 Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	May 9 04:23:12 ns382633 sshd\[7758\]: Invalid user ives from 27.104.135.156 port 36544 May 9 04:23:12 ns382633 sshd\[7758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156 May 9 04:23:14 ns382633 sshd\[7758\]: Failed password for invalid user ives from 27.104.135.156 port 36544 ssh2 May 9 04:31:42 ns382633 sshd\[9367\]: Invalid user user6 from 27.104.135.156 port 36323 May 9 04:31:42 ns382633 sshd\[9367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156	2020-05-09 22:06:42
attackspam	2020-04-29T17:36:42.171998struts4.enskede.local sshd\[31010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156 user=root 2020-04-29T17:36:45.383628struts4.enskede.local sshd\[31010\]: Failed password for root from 27.104.135.156 port 58387 ssh2 2020-04-29T17:42:56.076615struts4.enskede.local sshd\[31065\]: Invalid user jerald from 27.104.135.156 port 45613 2020-04-29T17:42:56.083804struts4.enskede.local sshd\[31065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156 2020-04-29T17:42:59.310524struts4.enskede.local sshd\[31065\]: Failed password for invalid user jerald from 27.104.135.156 port 45613 ssh2 ...	2020-04-30 01:53:52
attack	Invalid user prosper from 27.104.135.156 port 40578	2020-04-18 13:11:09
attackspam	SSH Brute-Force reported by Fail2Ban	2020-04-13 16:53:05
attackbotsspam	2020-04-07T00:49:54.871238shield sshd\[29424\]: Invalid user celery from 27.104.135.156 port 32930 2020-04-07T00:49:54.875682shield sshd\[29424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156 2020-04-07T00:49:56.749661shield sshd\[29424\]: Failed password for invalid user celery from 27.104.135.156 port 32930 ssh2 2020-04-07T00:54:09.749359shield sshd\[30843\]: Invalid user zimbra from 27.104.135.156 port 38666 2020-04-07T00:54:09.753585shield sshd\[30843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156	2020-04-07 09:06:12
attack	20 attempts against mh-ssh on echoip	2020-03-28 20:44:38
attack	Mar 26 13:22:13 ns3042688 sshd\[9208\]: Invalid user lukas from 27.104.135.156 Mar 26 13:22:13 ns3042688 sshd\[9208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156 Mar 26 13:22:15 ns3042688 sshd\[9208\]: Failed password for invalid user lukas from 27.104.135.156 port 41264 ssh2 Mar 26 13:26:17 ns3042688 sshd\[9527\]: Invalid user ok from 27.104.135.156 Mar 26 13:26:17 ns3042688 sshd\[9527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.104.135.156 ...	2020-03-26 20:33:03
attackspambots	Repeated brute force against a port	2020-03-25 06:16:29
attack	SSH Brute Force	2020-03-20 21:52:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.104.135.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15901
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.104.135.156.			IN	A

;; AUTHORITY SECTION:
.			140	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031900 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 20:55:03 CST 2020
;; MSG SIZE  rcvd: 118

Host info

156.135.104.27.in-addr.arpa domain name pointer 156.135.104.27.unknown.m1.com.sg.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
156.135.104.27.in-addr.arpa	name = 156.135.104.27.unknown.m1.com.sg.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.57.224.240	attackspam	Unauthorized connection attempt detected from IP address 121.57.224.240 to port 9991	2020-01-04 08:59:24
100.73.26.212	spambotsattackproxynormal	Jalpan	2020-01-04 11:09:30
35.195.198.163	attackbotsspam	Unauthorised access (Jan 4) SRC=35.195.198.163 LEN=40 TTL=59 ID=29208 TCP DPT=8080 WINDOW=16229 SYN Unauthorised access (Jan 3) SRC=35.195.198.163 LEN=40 TTL=59 ID=28587 TCP DPT=8080 WINDOW=16229 SYN Unauthorised access (Jan 3) SRC=35.195.198.163 LEN=40 TTL=62 ID=13303 TCP DPT=8080 WINDOW=16229 SYN Unauthorised access (Jan 3) SRC=35.195.198.163 LEN=40 TTL=59 ID=2104 TCP DPT=8080 WINDOW=16229 SYN Unauthorised access (Jan 3) SRC=35.195.198.163 LEN=40 TTL=59 ID=57388 TCP DPT=8080 WINDOW=53510 SYN Unauthorised access (Jan 3) SRC=35.195.198.163 LEN=40 TTL=59 ID=35875 TCP DPT=8080 WINDOW=16229 SYN	2020-01-04 09:09:36
164.52.24.182	attackbots	Unauthorized connection attempt detected from IP address 164.52.24.182 to port 81	2020-01-04 09:20:39
164.52.24.178	attackspam	" "	2020-01-04 09:21:10
220.172.156.100	attackspambots	Unauthorized connection attempt detected from IP address 220.172.156.100 to port 23	2020-01-04 09:16:30
123.191.130.91	attackbotsspam	Unauthorized connection attempt detected from IP address 123.191.130.91 to port 8118	2020-01-04 08:57:29
58.248.200.202	attack	Unauthorized connection attempt detected from IP address 58.248.200.202 to port 8118	2020-01-04 09:08:34
113.128.104.117	attackbots	Unauthorized connection attempt detected from IP address 113.128.104.117 to port 9991	2020-01-04 09:01:53
115.86.177.84	attackspam	Unauthorized connection attempt detected from IP address 115.86.177.84 to port 26	2020-01-04 09:01:37
207.46.13.177	attackspambots	Automatic report - Banned IP Access	2020-01-04 13:02:07
1.54.222.220	attack	Unauthorized connection attempt detected from IP address 1.54.222.220 to port 23	2020-01-04 09:12:44
123.160.173.27	attackspambots	Unauthorized connection attempt detected from IP address 123.160.173.27 to port 8123	2020-01-04 08:58:26
119.39.47.3	attackspambots	Unauthorized connection attempt detected from IP address 119.39.47.3 to port 8082	2020-01-04 09:25:44
36.155.114.82	attackbotsspam	Jan 4 04:47:37 ip-172-31-62-245 sshd\[6805\]: Invalid user sandi from 36.155.114.82\ Jan 4 04:47:39 ip-172-31-62-245 sshd\[6805\]: Failed password for invalid user sandi from 36.155.114.82 port 46849 ssh2\ Jan 4 04:52:31 ip-172-31-62-245 sshd\[6850\]: Failed password for gnats from 36.155.114.82 port 60066 ssh2\ Jan 4 04:57:12 ip-172-31-62-245 sshd\[6915\]: Invalid user rabbitmq from 36.155.114.82\ Jan 4 04:57:14 ip-172-31-62-245 sshd\[6915\]: Failed password for invalid user rabbitmq from 36.155.114.82 port 45050 ssh2\	2020-01-04 13:01:35

Recently Reported IPs

70.142.57.21	87.251.76.196	102.157.43.106	172.94.23.136
61.74.158.114	189.172.82.212	186.46.41.134	201.77.124.248
78.189.26.52	126.115.111.3	190.105.73.142	91.103.248.36
83.234.176.36	49.70.59.58	43.251.117.161	66.161.227.18
18.218.131.215	189.211.0.245	70.110.19.191	156.204.236.51