27.145.136.34 - IPInfo

Basic Info

City: Nakhon Ratchasima

Region: Changwat Nakhon Ratchasima

Country: Thailand

Internet Service Provider: True Internet Co. Ltd.

Hostname: unknown

Organization: True Internet Co.,Ltd.

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sun, 21 Jul 2019 18:28:58 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:23:48

Comments on same subnet:

IP	Type	Details	Datetime
27.145.136.221	attackbots	Invalid user r00t from 27.145.136.221 port 58335	2020-05-23 14:39:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.145.136.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38342
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.145.136.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 22 03:23:43 CST 2019
;; MSG SIZE  rcvd: 117

Host info

34.136.145.27.in-addr.arpa domain name pointer cm-27-145-136-34.revip12.asianet.co.th.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
34.136.145.27.in-addr.arpa	name = cm-27-145-136-34.revip12.asianet.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.6	attackspambots	Mar 4 12:38:22 web9 sshd\[15429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Mar 4 12:38:24 web9 sshd\[15429\]: Failed password for root from 222.186.180.6 port 59748 ssh2 Mar 4 12:38:39 web9 sshd\[15455\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Mar 4 12:38:41 web9 sshd\[15455\]: Failed password for root from 222.186.180.6 port 60672 ssh2 Mar 4 12:38:59 web9 sshd\[15536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root	2020-03-05 06:44:24
92.118.38.58	attackspambots	Mar 4 23:06:55 mail postfix/smtpd\[24520\]: warning: unknown\[92.118.38.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 4 23:07:23 mail postfix/smtpd\[24520\]: warning: unknown\[92.118.38.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 4 23:38:02 mail postfix/smtpd\[25188\]: warning: unknown\[92.118.38.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 4 23:38:32 mail postfix/smtpd\[25188\]: warning: unknown\[92.118.38.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-03-05 06:38:36
101.231.126.114	attackspam	SSH Authentication Attempts Exceeded	2020-03-05 06:37:56
37.114.170.147	attack	2020-03-0422:52:381j9bwU-0000sU-FP\<=verena@rs-solution.chH=$localhost$[37.114.170.147]:34930P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2302id=6E6BDD8E85517FCC10155CE41038DAD7@rs-solution.chT="Onlyrequireabitofyourinterest"forjosecarcamo22@icloud.comrakadani16@gmail.com2020-03-0422:52:291j9bwK-0000pf-DG\<=verena@rs-solution.chH=mx-ll-183.89.237-32.dynamic.3bb.co.th$localhost$[183.89.237.32]:55899P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2260id=8A8F396A61B59B28F4F1B800F4410E79@rs-solution.chT="Onlydecidedtogetacquaintedwithyou"forjopat051@hotmail.comaleksirainaka@gmail.com2020-03-0422:53:321j9bxL-0000wU-8T\<=verena@rs-solution.chH=$localhost$[123.21.203.160]:38817P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2257id=363385D6DD092794484D04BC48C9E402@rs-solution.chT="Wishtogettoknowmoreaboutyou"forvillegassamuel2002@gmail.comnealtig007@yahoo.com2020-03-042	2020-03-05 06:46:54
192.241.211.209	attackspam	Automatic report - Port Scan Attack	2020-03-05 06:44:47
92.63.194.25	attackspam	Mar 5 05:33:14 itv-usvr-02 sshd[9806]: Invalid user Administrator from 92.63.194.25 port 34391	2020-03-05 06:46:31
198.55.106.250	attackbots	Mar 4 22:54:15 grey postfix/smtpd\[11738\]: NOQUEUE: reject: RCPT from unknown\[198.55.106.250\]: 554 5.7.1 Service unavailable\; Client host \[198.55.106.250\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[198.55.106.250\]\; from=\<379-37-1166453-98-principal=learning-steps.com@mail.seeingnearly.top\> to=\ proto=ESMTP helo=\ ...	2020-03-05 06:18:04
91.230.153.121	attack	Mar 4 22:54:16 debian-2gb-nbg1-2 kernel: \[5618028.670097\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=91.230.153.121 DST=195.201.40.59 LEN=40 TOS=0x10 PREC=0x60 TTL=245 ID=18636 PROTO=TCP SPT=42053 DPT=53904 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-05 06:16:10
210.212.233.34	attack	Mar 4 12:11:39 web1 sshd\[4874\]: Invalid user arkserver from 210.212.233.34 Mar 4 12:11:39 web1 sshd\[4874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.233.34 Mar 4 12:11:42 web1 sshd\[4874\]: Failed password for invalid user arkserver from 210.212.233.34 port 57322 ssh2 Mar 4 12:21:04 web1 sshd\[5867\]: Invalid user office2 from 210.212.233.34 Mar 4 12:21:05 web1 sshd\[5867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.233.34	2020-03-05 06:23:48
5.101.0.209	attackbotsspam	firewall-block, port(s): 8081/tcp, 8088/tcp	2020-03-05 06:50:39
54.38.241.162	attack	Mar 4 22:51:03 lnxmysql61 sshd[16660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162 Mar 4 22:51:05 lnxmysql61 sshd[16660]: Failed password for invalid user postgres from 54.38.241.162 port 54072 ssh2 Mar 4 22:54:14 lnxmysql61 sshd[16772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162	2020-03-05 06:18:44
90.108.97.255	attackbots	$f2bV_matches	2020-03-05 06:40:57
89.248.168.217	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 6886 proto: UDP cat: Misc Attack	2020-03-05 06:48:28
222.186.175.212	attackspam	Mar 5 03:23:59 gw1 sshd[30946]: Failed password for root from 222.186.175.212 port 2752 ssh2 Mar 5 03:24:13 gw1 sshd[30946]: error: maximum authentication attempts exceeded for root from 222.186.175.212 port 2752 ssh2 [preauth] ...	2020-03-05 06:26:53
60.250.23.233	attack	Mar 4 18:46:42 firewall sshd[22119]: Invalid user system from 60.250.23.233 Mar 4 18:46:44 firewall sshd[22119]: Failed password for invalid user system from 60.250.23.233 port 50436 ssh2 Mar 4 18:54:12 firewall sshd[22259]: Invalid user tom from 60.250.23.233 ...	2020-03-05 06:20:06

Recently Reported IPs

8.34.135.84	121.74.134.1	191.88.217.88	193.122.27.11
180.241.44.208	200.93.42.99	179.139.55.238	179.49.20.195
2003:d7:4f35:4544:3819:8357:4533:336c	183.137.109.13	63.111.84.106	141.105.139.44
184.66.147.41	116.103.136.36	158.148.247.170	169.228.243.9
86.124.8.81	182.99.107.251	54.213.173.233	92.59.81.174