27.145.136.34 - IPInfo

Basic Info

City: Nakhon Ratchasima

Region: Changwat Nakhon Ratchasima

Country: Thailand

Internet Service Provider: True Internet Co. Ltd.

Hostname: unknown

Organization: True Internet Co.,Ltd.

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sun, 21 Jul 2019 18:28:58 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:23:48

Comments on same subnet:

IP	Type	Details	Datetime
27.145.136.221	attackbots	Invalid user r00t from 27.145.136.221 port 58335	2020-05-23 14:39:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.145.136.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38342
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.145.136.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 22 03:23:43 CST 2019
;; MSG SIZE  rcvd: 117

Host info

34.136.145.27.in-addr.arpa domain name pointer cm-27-145-136-34.revip12.asianet.co.th.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
34.136.145.27.in-addr.arpa	name = cm-27-145-136-34.revip12.asianet.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.146.96.34	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-07 12:12:32,624 INFO [amun_request_handler] PortScan Detected on Port: 445 (122.146.96.34)	2019-08-08 00:10:07
77.21.120.197	attackspambots	Aug 5 17:42:40 vpxxxxxxx22308 sshd[8917]: Invalid user admin from 77.21.120.197 Aug 5 17:42:40 vpxxxxxxx22308 sshd[8917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.21.120.197 Aug 5 17:42:43 vpxxxxxxx22308 sshd[8917]: Failed password for invalid user admin from 77.21.120.197 port 42886 ssh2 Aug 5 17:42:45 vpxxxxxxx22308 sshd[8917]: Failed password for invalid user admin from 77.21.120.197 port 42886 ssh2 Aug 5 17:42:47 vpxxxxxxx22308 sshd[8917]: Failed password for invalid user admin from 77.21.120.197 port 42886 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.21.120.197	2019-08-07 23:28:42
46.38.235.236	attack	Aug 7 15:19:20 server sshd\[8750\]: Invalid user marius from 46.38.235.236 port 39058 Aug 7 15:19:20 server sshd\[8750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.38.235.236 Aug 7 15:19:22 server sshd\[8750\]: Failed password for invalid user marius from 46.38.235.236 port 39058 ssh2 Aug 7 15:27:29 server sshd\[918\]: Invalid user areyes from 46.38.235.236 port 36824 Aug 7 15:27:29 server sshd\[918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.38.235.236	2019-08-07 23:18:28
129.204.47.217	attackbots	Aug 7 16:21:47 minden010 sshd[22138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.47.217 Aug 7 16:21:50 minden010 sshd[22138]: Failed password for invalid user geena from 129.204.47.217 port 57104 ssh2 Aug 7 16:27:44 minden010 sshd[24123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.47.217 ...	2019-08-07 23:25:08
27.197.82.49	attackspam	DATE:2019-08-07 08:45:36, IP:27.197.82.49, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-08-07 23:42:06
117.81.151.98	attackbotsspam	EventTime:Wed Aug 7 16:49:38 AEST 2019,EventName:GET: Forbidden,TargetDataNamespace:/,TargetDataContainer:otsmobile/app/mgs/,TargetDataName:mgw.htm,SourceIP:117.81.151.98,VendorOutcomeCode:403,InitiatorServiceName:Go-http-client/1.1	2019-08-08 00:19:14
196.244.191.10	attack	localhost 196.244.191.10 - - [07/Aug/2019:14:50:42 +0800] "GET /index.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=- localhost 196.244.191.10 - - [07/Aug/2019:14:50:43 +0800] "GET /index.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=- localhost 196.244.191.10 - - [07/Aug/2019:14:50:43 +0800] "GET /suspendedpage.cgi HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=- localhost 196.244.191.10 - - [07/Aug/2019:14:50:45 +0800] "GET /0708us3/D07.F7A4D4D39F9E441E29F450D6B1A123B5/5/spk/164.195.55.206/ HTTP/1.1" 404 329 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=- localhost 196.244.191.10 - - [07/Aug/2019:14:50:45 +0800] "GET /0708us3/VHL.25111 ...	2019-08-07 23:43:19
178.65.75.207	attackspam	Aug 7 08:26:47 nexus sshd[30267]: Invalid user admin from 178.65.75.207 port 47188 Aug 7 08:26:47 nexus sshd[30267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.65.75.207 Aug 7 08:26:49 nexus sshd[30267]: Failed password for invalid user admin from 178.65.75.207 port 47188 ssh2 Aug 7 08:26:49 nexus sshd[30267]: Connection closed by 178.65.75.207 port 47188 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.65.75.207	2019-08-08 00:37:32
125.160.49.227	attackspam	Honeypot hit.	2019-08-07 23:19:35
165.22.59.82	attackbotsspam	Aug 7 13:08:52 dedicated sshd[22107]: Failed password for invalid user daren from 165.22.59.82 port 59908 ssh2 Aug 7 13:13:11 dedicated sshd[22622]: Invalid user tw from 165.22.59.82 port 47382 Aug 7 13:13:11 dedicated sshd[22622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.59.82 Aug 7 13:13:11 dedicated sshd[22622]: Invalid user tw from 165.22.59.82 port 47382 Aug 7 13:13:13 dedicated sshd[22622]: Failed password for invalid user tw from 165.22.59.82 port 47382 ssh2	2019-08-08 00:39:46
103.103.181.19	attackspambots	Automatic report - Banned IP Access	2019-08-08 00:39:22
115.110.249.114	attack	Aug 7 09:50:21 srv-4 sshd\[24457\]: Invalid user deployer from 115.110.249.114 Aug 7 09:50:21 srv-4 sshd\[24457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.110.249.114 Aug 7 09:50:23 srv-4 sshd\[24457\]: Failed password for invalid user deployer from 115.110.249.114 port 45546 ssh2 ...	2019-08-08 00:03:00
205.185.115.78	attackspam	ZTE Router Exploit Scanner	2019-08-07 23:20:18
185.232.41.110	attackbotsspam	[portscan] Port scan	2019-08-07 23:56:28
80.211.237.20	attackspam	Aug 7 15:34:00 heissa sshd\[13802\]: Invalid user tes from 80.211.237.20 port 47086 Aug 7 15:34:00 heissa sshd\[13802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.237.20 Aug 7 15:34:01 heissa sshd\[13802\]: Failed password for invalid user tes from 80.211.237.20 port 47086 ssh2 Aug 7 15:39:35 heissa sshd\[14405\]: Invalid user august from 80.211.237.20 port 41028 Aug 7 15:39:35 heissa sshd\[14405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.237.20	2019-08-07 23:47:55

Recently Reported IPs

8.34.135.84	121.74.134.1	191.88.217.88	193.122.27.11
180.241.44.208	200.93.42.99	179.139.55.238	179.49.20.195
2003:d7:4f35:4544:3819:8357:4533:336c	183.137.109.13	63.111.84.106	141.105.139.44
184.66.147.41	116.103.136.36	158.148.247.170	169.228.243.9
86.124.8.81	182.99.107.251	54.213.173.233	92.59.81.174