27.254.137.144

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): CSLOXINFO IDC

主机名(hostname): unknown

机构(organization): CS LOXINFO Public Company Limited.

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-10-04T19:24:46.821714shield sshd\[3572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root 2020-10-04T19:24:48.538114shield sshd\[3572\]: Failed password for root from 27.254.137.144 port 53268 ssh2 2020-10-04T19:27:59.094952shield sshd\[4325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root 2020-10-04T19:28:00.640844shield sshd\[4325\]: Failed password for root from 27.254.137.144 port 47106 ssh2 2020-10-04T19:31:03.735545shield sshd\[4794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root	2020-10-05 03:43:18
attack	2020-10-04T14:12:46.701134mail.standpoint.com.ua sshd[16501]: Failed password for invalid user conectar from 27.254.137.144 port 46086 ssh2 2020-10-04T14:16:15.594958mail.standpoint.com.ua sshd[17008]: Invalid user ubuntu from 27.254.137.144 port 46150 2020-10-04T14:16:15.597482mail.standpoint.com.ua sshd[17008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 2020-10-04T14:16:15.594958mail.standpoint.com.ua sshd[17008]: Invalid user ubuntu from 27.254.137.144 port 46150 2020-10-04T14:16:17.758816mail.standpoint.com.ua sshd[17008]: Failed password for invalid user ubuntu from 27.254.137.144 port 46150 ssh2 ...	2020-10-04 19:31:50
attackbots	bruteforce detected	2020-09-29 06:36:07
attack	Time: Sun Sep 27 14:56:19 2020 +0000 IP: 27.254.137.144 (TH/Thailand/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 14:48:25 3 sshd[4672]: Invalid user ts3 from 27.254.137.144 port 59452 Sep 27 14:48:27 3 sshd[4672]: Failed password for invalid user ts3 from 27.254.137.144 port 59452 ssh2 Sep 27 14:49:58 3 sshd[10271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root Sep 27 14:50:00 3 sshd[10271]: Failed password for root from 27.254.137.144 port 36792 ssh2 Sep 27 14:56:13 3 sshd[26074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root	2020-09-28 23:03:18
attackspambots	27.254.137.144 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 28 06:08:56 server sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.202.58 user=root Sep 28 06:08:07 server sshd[907]: Failed password for root from 27.254.137.144 port 51164 ssh2 Sep 28 06:01:19 server sshd[32333]: Failed password for root from 51.68.44.13 port 47336 ssh2 Sep 28 06:04:43 server sshd[307]: Failed password for root from 85.247.0.210 port 58521 ssh2 Sep 28 06:08:04 server sshd[907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root IP Addresses Blocked: 218.241.202.58 (CN/China/-)	2020-09-28 15:07:14
attackspam	Aug 31 05:58:35 santamaria sshd\[3451\]: Invalid user ymn from 27.254.137.144 Aug 31 05:58:35 santamaria sshd\[3451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Aug 31 05:58:37 santamaria sshd\[3451\]: Failed password for invalid user ymn from 27.254.137.144 port 41678 ssh2 ...	2020-08-31 12:47:52
attackbots	detected by Fail2Ban	2020-08-30 04:15:03
attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-08-17 03:09:52
attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs	2020-08-16 17:49:07
attackspam	Aug 4 08:04:39 buvik sshd[13958]: Failed password for root from 27.254.137.144 port 58334 ssh2 Aug 4 08:06:31 buvik sshd[14286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root Aug 4 08:06:33 buvik sshd[14286]: Failed password for root from 27.254.137.144 port 56258 ssh2 ...	2020-08-04 14:57:10
attackspam	Jul 24 07:19:31 mellenthin sshd[8728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 24 07:19:33 mellenthin sshd[8728]: Failed password for invalid user ccy from 27.254.137.144 port 38364 ssh2	2020-07-24 15:19:57
attack	Invalid user lai from 27.254.137.144 port 59094	2020-07-21 06:32:55
attack	Jul 20 18:02:00 inter-technics sshd[17419]: Invalid user wyq from 27.254.137.144 port 37898 Jul 20 18:02:00 inter-technics sshd[17419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 20 18:02:00 inter-technics sshd[17419]: Invalid user wyq from 27.254.137.144 port 37898 Jul 20 18:02:02 inter-technics sshd[17419]: Failed password for invalid user wyq from 27.254.137.144 port 37898 ssh2 Jul 20 18:07:03 inter-technics sshd[17848]: Invalid user uap from 27.254.137.144 port 54902 ...	2020-07-21 03:44:01
attack	$f2bV_matches	2020-07-16 08:05:03
attack	Jul 10 17:26:43 ns381471 sshd[25590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 10 17:26:45 ns381471 sshd[25590]: Failed password for invalid user jingke from 27.254.137.144 port 37486 ssh2	2020-07-10 23:26:56
attackbotsspam	Jul 5 21:59:42 abendstille sshd\[20394\]: Invalid user soap from 27.254.137.144 Jul 5 21:59:42 abendstille sshd\[20394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 5 21:59:44 abendstille sshd\[20394\]: Failed password for invalid user soap from 27.254.137.144 port 38238 ssh2 Jul 5 22:01:37 abendstille sshd\[22302\]: Invalid user lihb from 27.254.137.144 Jul 5 22:01:37 abendstille sshd\[22302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-07-06 04:35:24
attack	Invalid user envoybenefits from 27.254.137.144 port 54246	2020-06-12 13:01:08
attack	May 25 05:55:59 edebian sshd[8614]: Failed password for root from 27.254.137.144 port 56704 ssh2 ...	2020-05-25 12:11:35
attackbots	May 23 15:16:49 ny01 sshd[25448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 May 23 15:16:51 ny01 sshd[25448]: Failed password for invalid user wmb from 27.254.137.144 port 43314 ssh2 May 23 15:19:26 ny01 sshd[25760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144	2020-05-24 03:33:27
attackbotsspam	Brute-force attempt banned	2020-05-21 18:57:21
attackbots	5x Failed Password	2020-05-10 17:33:21
attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 8 22:44:14 amsweb01 sshd[2294]: Invalid user auxiliar from 27.254.137.144 port 54128 May 8 22:44:17 amsweb01 sshd[2294]: Failed password for invalid user auxiliar from 27.254.137.144 port 54128 ssh2 May 8 22:51:04 amsweb01 sshd[2959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root May 8 22:51:06 amsweb01 sshd[2959]: Failed password for root from 27.254.137.144 port 60368 ssh2 May 8 22:54:38 amsweb01 sshd[3278]: Invalid user uftp from 27.254.137.144 port 58326	2020-05-09 06:12:44
attackspam	Apr 5 03:49:15 game-panel sshd[12849]: Failed password for root from 27.254.137.144 port 42566 ssh2 Apr 5 03:54:00 game-panel sshd[12993]: Failed password for root from 27.254.137.144 port 34662 ssh2	2020-04-05 12:15:48
attackspambots	Apr 3 21:52:43 mail sshd[20315]: Invalid user ruanhuabin from 27.254.137.144 Apr 3 21:52:43 mail sshd[20315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Apr 3 21:52:43 mail sshd[20315]: Invalid user ruanhuabin from 27.254.137.144 Apr 3 21:52:45 mail sshd[20315]: Failed password for invalid user ruanhuabin from 27.254.137.144 port 33968 ssh2 Apr 3 22:08:47 mail sshd[22722]: Invalid user www from 27.254.137.144 ...	2020-04-04 05:17:34
attackspambots	Mar 29 05:53:10 meumeu sshd[838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Mar 29 05:53:12 meumeu sshd[838]: Failed password for invalid user ae from 27.254.137.144 port 57948 ssh2 Mar 29 05:58:14 meumeu sshd[1701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-03-29 12:12:07
attackbots	Invalid user usuario from 27.254.137.144 port 36110	2020-03-27 22:32:16
attack	frenzy	2020-03-08 05:34:52
attackbotsspam	Mar 1 10:15:28 main sshd[19876]: Failed password for invalid user appimgr from 27.254.137.144 port 41312 ssh2	2020-03-02 05:43:19
attackbotsspam	Feb 17 14:21:52 work-partkepr sshd\[21066\]: Invalid user ubuntu from 27.254.137.144 port 57222 Feb 17 14:21:52 work-partkepr sshd\[21066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-02-17 22:46:48
attackspambots	Feb 16 20:03:46 hpm sshd\[19943\]: Invalid user luan from 27.254.137.144 Feb 16 20:03:46 hpm sshd\[19943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Feb 16 20:03:48 hpm sshd\[19943\]: Failed password for invalid user luan from 27.254.137.144 port 58780 ssh2 Feb 16 20:07:55 hpm sshd\[20637\]: Invalid user gayle from 27.254.137.144 Feb 16 20:07:55 hpm sshd\[20637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144	2020-02-17 17:01:05

相同子网IP讨论:

IP	类型	评论内容	时间
27.254.137.1	attackspambots	SSH login attempts with user root at 2020-01-02.	2020-01-03 01:05:00

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.254.137.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52899
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.254.137.144.			IN	A

;; AUTHORITY SECTION:
.			2542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 04:17:54 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 144.137.254.27.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 144.137.254.27.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
34.85.33.91	attackbotsspam	34.85.33.91 - - [15/May/2020:07:15:03 +0200] "GET /wp-login.php HTTP/1.1" 200 6451 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.85.33.91 - - [15/May/2020:07:15:06 +0200] "POST /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.85.33.91 - - [15/May/2020:07:15:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-15 15:03:59
51.178.78.152	attackspam	TCP port 5432: Scan and connection	2020-05-15 14:35:34
104.248.45.204	attackbotsspam	May 15 08:31:29 ns381471 sshd[30965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 May 15 08:31:31 ns381471 sshd[30965]: Failed password for invalid user louise from 104.248.45.204 port 53702 ssh2	2020-05-15 14:54:06
45.148.124.236	attackspambots	Chat Spam	2020-05-15 14:50:59
120.53.30.243	attack	May 15 13:55:36 itv-usvr-01 sshd[2365]: Invalid user ubnt from 120.53.30.243 May 15 13:55:36 itv-usvr-01 sshd[2365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.30.243 May 15 13:55:36 itv-usvr-01 sshd[2365]: Invalid user ubnt from 120.53.30.243 May 15 13:55:39 itv-usvr-01 sshd[2365]: Failed password for invalid user ubnt from 120.53.30.243 port 50956 ssh2 May 15 13:58:04 itv-usvr-01 sshd[2440]: Invalid user nadine from 120.53.30.243	2020-05-15 15:14:13
185.137.234.155	attack	May 15 08:44:53 debian-2gb-nbg1-2 kernel: \[11783943.244720\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.137.234.155 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=6442 PROTO=TCP SPT=41586 DPT=3353 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-15 14:59:12
193.115.119.29	attack	Invalid user guest from 193.115.119.29 port 48612	2020-05-15 14:45:58
185.232.65.36	attackspam	scanner	2020-05-15 15:07:40
212.129.250.84	attackbotsspam	May 15 08:08:00 vserver sshd\[17069\]: Invalid user deploy from 212.129.250.84May 15 08:08:02 vserver sshd\[17069\]: Failed password for invalid user deploy from 212.129.250.84 port 52538 ssh2May 15 08:12:18 vserver sshd\[17150\]: Invalid user mobile from 212.129.250.84May 15 08:12:21 vserver sshd\[17150\]: Failed password for invalid user mobile from 212.129.250.84 port 44948 ssh2 ...	2020-05-15 15:15:10
114.98.126.14	attackbots	May 15 07:30:54 buvik sshd[14901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.98.126.14 May 15 07:30:55 buvik sshd[14901]: Failed password for invalid user jaxson from 114.98.126.14 port 57212 ssh2 May 15 07:33:57 buvik sshd[15326]: Invalid user camera from 114.98.126.14 ...	2020-05-15 15:21:30
112.137.138.4	attack	C1,DEF GET /phpMyAdmin/scripts/setup.php	2020-05-15 15:06:49
61.177.172.128	attackspam	May 15 08:53:16 minden010 sshd[29240]: Failed password for root from 61.177.172.128 port 37495 ssh2 May 15 08:53:19 minden010 sshd[29240]: Failed password for root from 61.177.172.128 port 37495 ssh2 May 15 08:53:22 minden010 sshd[29240]: Failed password for root from 61.177.172.128 port 37495 ssh2 May 15 08:53:28 minden010 sshd[29240]: error: maximum authentication attempts exceeded for root from 61.177.172.128 port 37495 ssh2 [preauth] ...	2020-05-15 14:57:02
202.168.205.181	attackspam	Invalid user jefferson from 202.168.205.181 port 32059	2020-05-15 15:13:40
87.122.207.193	attackbotsspam	$f2bV_matches	2020-05-15 14:54:38
188.208.213.219	attackspam	From CCTV User Interface Log ...::ffff:188.208.213.219 - - [14/May/2020:23:54:44 +0000] "GET / HTTP/1.1" 200 960 ...	2020-05-15 14:43:20

最近上报的IP列表

84.51.16.131	140.206.32.247	121.46.94.66	183.83.67.150
115.236.33.226	189.86.186.62	103.68.0.179	212.46.251.150
37.187.6.235	78.173.51.77	186.92.118.144	36.66.116.219
14.18.47.233	123.207.96.242	91.238.230.107	131.156.200.13
104.203.96.6	140.143.208.180	85.26.164.25	81.30.126.103