27.254.137.144

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CSLOXINFO IDC

Hostname: unknown

Organization: CS LOXINFO Public Company Limited.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	2020-10-04T19:24:46.821714shield sshd\[3572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root 2020-10-04T19:24:48.538114shield sshd\[3572\]: Failed password for root from 27.254.137.144 port 53268 ssh2 2020-10-04T19:27:59.094952shield sshd\[4325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root 2020-10-04T19:28:00.640844shield sshd\[4325\]: Failed password for root from 27.254.137.144 port 47106 ssh2 2020-10-04T19:31:03.735545shield sshd\[4794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root	2020-10-05 03:43:18
attack	2020-10-04T14:12:46.701134mail.standpoint.com.ua sshd[16501]: Failed password for invalid user conectar from 27.254.137.144 port 46086 ssh2 2020-10-04T14:16:15.594958mail.standpoint.com.ua sshd[17008]: Invalid user ubuntu from 27.254.137.144 port 46150 2020-10-04T14:16:15.597482mail.standpoint.com.ua sshd[17008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 2020-10-04T14:16:15.594958mail.standpoint.com.ua sshd[17008]: Invalid user ubuntu from 27.254.137.144 port 46150 2020-10-04T14:16:17.758816mail.standpoint.com.ua sshd[17008]: Failed password for invalid user ubuntu from 27.254.137.144 port 46150 ssh2 ...	2020-10-04 19:31:50
attackbots	bruteforce detected	2020-09-29 06:36:07
attack	Time: Sun Sep 27 14:56:19 2020 +0000 IP: 27.254.137.144 (TH/Thailand/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 14:48:25 3 sshd[4672]: Invalid user ts3 from 27.254.137.144 port 59452 Sep 27 14:48:27 3 sshd[4672]: Failed password for invalid user ts3 from 27.254.137.144 port 59452 ssh2 Sep 27 14:49:58 3 sshd[10271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root Sep 27 14:50:00 3 sshd[10271]: Failed password for root from 27.254.137.144 port 36792 ssh2 Sep 27 14:56:13 3 sshd[26074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root	2020-09-28 23:03:18
attackspambots	27.254.137.144 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 28 06:08:56 server sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.202.58 user=root Sep 28 06:08:07 server sshd[907]: Failed password for root from 27.254.137.144 port 51164 ssh2 Sep 28 06:01:19 server sshd[32333]: Failed password for root from 51.68.44.13 port 47336 ssh2 Sep 28 06:04:43 server sshd[307]: Failed password for root from 85.247.0.210 port 58521 ssh2 Sep 28 06:08:04 server sshd[907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root IP Addresses Blocked: 218.241.202.58 (CN/China/-)	2020-09-28 15:07:14
attackspam	Aug 31 05:58:35 santamaria sshd\[3451\]: Invalid user ymn from 27.254.137.144 Aug 31 05:58:35 santamaria sshd\[3451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Aug 31 05:58:37 santamaria sshd\[3451\]: Failed password for invalid user ymn from 27.254.137.144 port 41678 ssh2 ...	2020-08-31 12:47:52
attackbots	detected by Fail2Ban	2020-08-30 04:15:03
attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-08-17 03:09:52
attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs	2020-08-16 17:49:07
attackspam	Aug 4 08:04:39 buvik sshd[13958]: Failed password for root from 27.254.137.144 port 58334 ssh2 Aug 4 08:06:31 buvik sshd[14286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root Aug 4 08:06:33 buvik sshd[14286]: Failed password for root from 27.254.137.144 port 56258 ssh2 ...	2020-08-04 14:57:10
attackspam	Jul 24 07:19:31 mellenthin sshd[8728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 24 07:19:33 mellenthin sshd[8728]: Failed password for invalid user ccy from 27.254.137.144 port 38364 ssh2	2020-07-24 15:19:57
attack	Invalid user lai from 27.254.137.144 port 59094	2020-07-21 06:32:55
attack	Jul 20 18:02:00 inter-technics sshd[17419]: Invalid user wyq from 27.254.137.144 port 37898 Jul 20 18:02:00 inter-technics sshd[17419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 20 18:02:00 inter-technics sshd[17419]: Invalid user wyq from 27.254.137.144 port 37898 Jul 20 18:02:02 inter-technics sshd[17419]: Failed password for invalid user wyq from 27.254.137.144 port 37898 ssh2 Jul 20 18:07:03 inter-technics sshd[17848]: Invalid user uap from 27.254.137.144 port 54902 ...	2020-07-21 03:44:01
attack	$f2bV_matches	2020-07-16 08:05:03
attack	Jul 10 17:26:43 ns381471 sshd[25590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 10 17:26:45 ns381471 sshd[25590]: Failed password for invalid user jingke from 27.254.137.144 port 37486 ssh2	2020-07-10 23:26:56
attackbotsspam	Jul 5 21:59:42 abendstille sshd\[20394\]: Invalid user soap from 27.254.137.144 Jul 5 21:59:42 abendstille sshd\[20394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 5 21:59:44 abendstille sshd\[20394\]: Failed password for invalid user soap from 27.254.137.144 port 38238 ssh2 Jul 5 22:01:37 abendstille sshd\[22302\]: Invalid user lihb from 27.254.137.144 Jul 5 22:01:37 abendstille sshd\[22302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-07-06 04:35:24
attack	Invalid user envoybenefits from 27.254.137.144 port 54246	2020-06-12 13:01:08
attack	May 25 05:55:59 edebian sshd[8614]: Failed password for root from 27.254.137.144 port 56704 ssh2 ...	2020-05-25 12:11:35
attackbots	May 23 15:16:49 ny01 sshd[25448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 May 23 15:16:51 ny01 sshd[25448]: Failed password for invalid user wmb from 27.254.137.144 port 43314 ssh2 May 23 15:19:26 ny01 sshd[25760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144	2020-05-24 03:33:27
attackbotsspam	Brute-force attempt banned	2020-05-21 18:57:21
attackbots	5x Failed Password	2020-05-10 17:33:21
attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 8 22:44:14 amsweb01 sshd[2294]: Invalid user auxiliar from 27.254.137.144 port 54128 May 8 22:44:17 amsweb01 sshd[2294]: Failed password for invalid user auxiliar from 27.254.137.144 port 54128 ssh2 May 8 22:51:04 amsweb01 sshd[2959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root May 8 22:51:06 amsweb01 sshd[2959]: Failed password for root from 27.254.137.144 port 60368 ssh2 May 8 22:54:38 amsweb01 sshd[3278]: Invalid user uftp from 27.254.137.144 port 58326	2020-05-09 06:12:44
attackspam	Apr 5 03:49:15 game-panel sshd[12849]: Failed password for root from 27.254.137.144 port 42566 ssh2 Apr 5 03:54:00 game-panel sshd[12993]: Failed password for root from 27.254.137.144 port 34662 ssh2	2020-04-05 12:15:48
attackspambots	Apr 3 21:52:43 mail sshd[20315]: Invalid user ruanhuabin from 27.254.137.144 Apr 3 21:52:43 mail sshd[20315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Apr 3 21:52:43 mail sshd[20315]: Invalid user ruanhuabin from 27.254.137.144 Apr 3 21:52:45 mail sshd[20315]: Failed password for invalid user ruanhuabin from 27.254.137.144 port 33968 ssh2 Apr 3 22:08:47 mail sshd[22722]: Invalid user www from 27.254.137.144 ...	2020-04-04 05:17:34
attackspambots	Mar 29 05:53:10 meumeu sshd[838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Mar 29 05:53:12 meumeu sshd[838]: Failed password for invalid user ae from 27.254.137.144 port 57948 ssh2 Mar 29 05:58:14 meumeu sshd[1701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-03-29 12:12:07
attackbots	Invalid user usuario from 27.254.137.144 port 36110	2020-03-27 22:32:16
attack	frenzy	2020-03-08 05:34:52
attackbotsspam	Mar 1 10:15:28 main sshd[19876]: Failed password for invalid user appimgr from 27.254.137.144 port 41312 ssh2	2020-03-02 05:43:19
attackbotsspam	Feb 17 14:21:52 work-partkepr sshd\[21066\]: Invalid user ubuntu from 27.254.137.144 port 57222 Feb 17 14:21:52 work-partkepr sshd\[21066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-02-17 22:46:48
attackspambots	Feb 16 20:03:46 hpm sshd\[19943\]: Invalid user luan from 27.254.137.144 Feb 16 20:03:46 hpm sshd\[19943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Feb 16 20:03:48 hpm sshd\[19943\]: Failed password for invalid user luan from 27.254.137.144 port 58780 ssh2 Feb 16 20:07:55 hpm sshd\[20637\]: Invalid user gayle from 27.254.137.144 Feb 16 20:07:55 hpm sshd\[20637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144	2020-02-17 17:01:05

Comments on same subnet:

IP	Type	Details	Datetime
27.254.137.1	attackspambots	SSH login attempts with user root at 2020-01-02.	2020-01-03 01:05:00

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.254.137.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52899
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.254.137.144.			IN	A

;; AUTHORITY SECTION:
.			2542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 04:17:54 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 144.137.254.27.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 144.137.254.27.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.83.206	attackbots	Mar 10 21:44:11 sd-53420 sshd\[32538\]: Invalid user Pass@w0rd0111 from 129.211.83.206 Mar 10 21:44:11 sd-53420 sshd\[32538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.83.206 Mar 10 21:44:13 sd-53420 sshd\[32538\]: Failed password for invalid user Pass@w0rd0111 from 129.211.83.206 port 48738 ssh2 Mar 10 21:47:39 sd-53420 sshd\[447\]: Invalid user redhat from 129.211.83.206 Mar 10 21:47:39 sd-53420 sshd\[447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.83.206 ...	2020-03-11 04:52:35
193.92.166.180	attackbots	Port probing on unauthorized port 23	2020-03-11 05:10:09
176.118.125.62	attack	DATE:2020-03-10 19:11:48, IP:176.118.125.62, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-03-11 05:17:36
103.30.94.210	attackbots	suspicious action Tue, 10 Mar 2020 15:14:48 -0300	2020-03-11 05:18:07
80.244.179.6	attackspam	2020-03-10T21:59:00.647193vps751288.ovh.net sshd\[11976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk user=root 2020-03-10T21:59:02.803625vps751288.ovh.net sshd\[11976\]: Failed password for root from 80.244.179.6 port 37886 ssh2 2020-03-10T22:05:30.429523vps751288.ovh.net sshd\[12002\]: Invalid user uftp from 80.244.179.6 port 46284 2020-03-10T22:05:30.438704vps751288.ovh.net sshd\[12002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk 2020-03-10T22:05:32.802156vps751288.ovh.net sshd\[12002\]: Failed password for invalid user uftp from 80.244.179.6 port 46284 ssh2	2020-03-11 05:18:48
122.114.177.239	attackbots	2020-03-10T19:48:47.071921jannga.de sshd[4555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.177.239 user=root 2020-03-10T19:48:49.636247jannga.de sshd[4555]: Failed password for root from 122.114.177.239 port 45992 ssh2 ...	2020-03-11 04:48:06
218.92.0.198	attackspambots	Mar 10 19:13:41 amit sshd\[21344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.198 user=root Mar 10 19:13:43 amit sshd\[21344\]: Failed password for root from 218.92.0.198 port 30794 ssh2 Mar 10 19:14:41 amit sshd\[21368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.198 user=root ...	2020-03-11 05:20:36
128.199.255.81	attackspambots	Automatic report - XMLRPC Attack	2020-03-11 04:53:50
92.118.38.42	attackbotsspam	2020-03-10 22:56:14 dovecot_login authenticator failed for $User$ \[92.118.38.42\]: 535 Incorrect authentication data $set_id=lthompson@org.ua$2020-03-10 22:56:38 dovecot_login authenticator failed for $User$ \[92.118.38.42\]: 535 Incorrect authentication data $set_id=lgarcia@org.ua$2020-03-10 22:57:01 dovecot_login authenticator failed for $User$ \[92.118.38.42\]: 535 Incorrect authentication data $set_id=lmartinez@org.ua$ ...	2020-03-11 05:01:40
93.171.241.5	attackbotsspam	Mar 11 02:20:26 areeb-Workstation sshd[7777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.171.241.5 Mar 11 02:20:27 areeb-Workstation sshd[7777]: Failed password for invalid user gitlab-prometheus from 93.171.241.5 port 39600 ssh2 ...	2020-03-11 05:05:10
128.199.106.169	attackbots	Mar 10 21:13:50 163-172-32-151 sshd[1431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.106.169 user=root Mar 10 21:13:52 163-172-32-151 sshd[1431]: Failed password for root from 128.199.106.169 port 52954 ssh2 ...	2020-03-11 05:19:46
222.186.173.238	attackbotsspam	Mar 10 22:02:51 minden010 sshd[21306]: Failed password for root from 222.186.173.238 port 30734 ssh2 Mar 10 22:02:54 minden010 sshd[21306]: Failed password for root from 222.186.173.238 port 30734 ssh2 Mar 10 22:02:57 minden010 sshd[21306]: Failed password for root from 222.186.173.238 port 30734 ssh2 Mar 10 22:03:01 minden010 sshd[21306]: Failed password for root from 222.186.173.238 port 30734 ssh2 ...	2020-03-11 05:04:16
47.20.216.248	attack	This IP hacked into my account.	2020-03-11 05:06:55
185.173.35.53	attackbots	" "	2020-03-11 04:59:26
188.254.0.2	attackbotsspam	$f2bV_matches	2020-03-11 05:21:00

Recently Reported IPs

84.51.16.131	140.206.32.247	121.46.94.66	183.83.67.150
115.236.33.226	189.86.186.62	103.68.0.179	212.46.251.150
37.187.6.235	78.173.51.77	186.92.118.144	36.66.116.219
14.18.47.233	123.207.96.242	91.238.230.107	131.156.200.13
104.203.96.6	140.143.208.180	85.26.164.25	81.30.126.103