27.2.104.68 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Saigon Tourist Cable Television

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 27.2.104.68 to port 5555	2020-01-02 20:38:46
attackspambots	firewall-block, port(s): 5555/tcp	2019-12-29 21:46:01
attackspambots	5555/tcp [2019-10-30]1pkt	2019-10-30 16:12:46

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.2.104.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46418
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.2.104.68.			IN	A

;; AUTHORITY SECTION:
.			335	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 132 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 16:12:43 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 68.104.2.27.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.104.2.27.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.146.168.196	attackspam	Oct 14 18:42:39 sso sshd[12423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.146.168.196 Oct 14 18:42:41 sso sshd[12423]: Failed password for invalid user adminhaosf999 from 129.146.168.196 port 55822 ssh2 ...	2019-10-15 03:45:33
106.12.205.227	attackbots	Oct 14 20:59:59 ms-srv sshd[44273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.205.227 user=root Oct 14 21:00:01 ms-srv sshd[44273]: Failed password for invalid user root from 106.12.205.227 port 41612 ssh2	2019-10-15 04:02:05
51.38.234.54	attack	Feb 1 23:25:34 vtv3 sshd\[11879\]: Invalid user postgres from 51.38.234.54 port 38980 Feb 1 23:25:34 vtv3 sshd\[11879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.234.54 Feb 1 23:25:36 vtv3 sshd\[11879\]: Failed password for invalid user postgres from 51.38.234.54 port 38980 ssh2 Feb 1 23:29:40 vtv3 sshd\[12463\]: Invalid user alex from 51.38.234.54 port 42908 Feb 1 23:29:40 vtv3 sshd\[12463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.234.54 Feb 4 08:03:34 vtv3 sshd\[16029\]: Invalid user ob from 51.38.234.54 port 50782 Feb 4 08:03:34 vtv3 sshd\[16029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.234.54 Feb 4 08:03:36 vtv3 sshd\[16029\]: Failed password for invalid user ob from 51.38.234.54 port 50782 ssh2 Feb 4 08:07:36 vtv3 sshd\[17261\]: Invalid user sqlite from 51.38.234.54 port 54654 Feb 4 08:07:36 vtv3 sshd\[17261\]: pam_unix\(sshd	2019-10-15 04:06:24
193.32.160.139	attack	Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 14 21:02:06 relay postfix/smtpd\[19163\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.139\]: 554 5.7.1 \: Relay access denied\; from=\<3p71lwbhajvnlh2@aseco.dk\> to=\	2019-10-15 03:44:51
183.103.35.198	attackspambots	Oct 14 21:09:08 XXX sshd[60830]: Invalid user ofsaa from 183.103.35.198 port 52136	2019-10-15 04:04:42
51.75.248.251	attackspam	10/14/2019-16:12:58.535070 51.75.248.251 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-15 04:14:29
177.19.238.230	attackspam	Brute force attempt	2019-10-15 04:08:11
137.59.51.73	attackbots	Port 1433 Scan	2019-10-15 03:39:49
163.44.170.33	attack	Oct 14 19:06:41 XXXXXX sshd[25723]: Invalid user gmodserver from 163.44.170.33 port 47684	2019-10-15 04:06:57
222.186.42.4	attackspambots	Oct 15 03:08:14 itv-usvr-02 sshd[14730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Oct 15 03:08:16 itv-usvr-02 sshd[14730]: Failed password for root from 222.186.42.4 port 58518 ssh2	2019-10-15 04:11:40
117.141.105.44	attack	Port 1433 Scan	2019-10-15 03:51:51
91.144.20.22	attackspambots	Automatic report - XMLRPC Attack	2019-10-15 03:47:12
116.111.109.223	attackbots	Oct 14 14:39:48 b2b-pharm sshd[26154]: Invalid user admin from 116.111.109.223 port 53833 Oct 14 14:39:48 b2b-pharm sshd[26154]: error: maximum authentication attempts exceeded for invalid user admin from 116.111.109.223 port 53833 ssh2 [preauth] Oct 14 14:39:48 b2b-pharm sshd[26154]: Invalid user admin from 116.111.109.223 port 53833 Oct 14 14:39:48 b2b-pharm sshd[26154]: error: maximum authentication attempts exceeded for invalid user admin from 116.111.109.223 port 53833 ssh2 [preauth] Oct 14 14:39:48 b2b-pharm sshd[26154]: Invalid user admin from 116.111.109.223 port 53833 Oct 14 14:39:48 b2b-pharm sshd[26154]: error: maximum authentication attempts exceeded for invalid user admin from 116.111.109.223 port 53833 ssh2 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.111.109.223	2019-10-15 03:43:49
185.2.4.144	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-15 04:14:57
31.210.65.150	attackspam	Automatic report - Banned IP Access	2019-10-15 03:43:22

Recently Reported IPs

95.141.72.124	200.200.90.225	229.185.32.247	230.51.127.146
48.51.168.220	87.95.37.36	225.159.38.223	209.63.232.224
250.97.25.239	124.35.33.100	6.197.72.150	32.158.244.110
205.86.134.67	36.99.225.103	137.233.240.35	77.81.83.26
9.48.180.203	175.193.244.88	241.40.121.217	122.3.156.133