27.254.137.144

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): CSLOXINFO IDC

主机名(hostname): unknown

机构(organization): CS LOXINFO Public Company Limited.

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-10-04T19:24:46.821714shield sshd\[3572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root 2020-10-04T19:24:48.538114shield sshd\[3572\]: Failed password for root from 27.254.137.144 port 53268 ssh2 2020-10-04T19:27:59.094952shield sshd\[4325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root 2020-10-04T19:28:00.640844shield sshd\[4325\]: Failed password for root from 27.254.137.144 port 47106 ssh2 2020-10-04T19:31:03.735545shield sshd\[4794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root	2020-10-05 03:43:18
attack	2020-10-04T14:12:46.701134mail.standpoint.com.ua sshd[16501]: Failed password for invalid user conectar from 27.254.137.144 port 46086 ssh2 2020-10-04T14:16:15.594958mail.standpoint.com.ua sshd[17008]: Invalid user ubuntu from 27.254.137.144 port 46150 2020-10-04T14:16:15.597482mail.standpoint.com.ua sshd[17008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 2020-10-04T14:16:15.594958mail.standpoint.com.ua sshd[17008]: Invalid user ubuntu from 27.254.137.144 port 46150 2020-10-04T14:16:17.758816mail.standpoint.com.ua sshd[17008]: Failed password for invalid user ubuntu from 27.254.137.144 port 46150 ssh2 ...	2020-10-04 19:31:50
attackbots	bruteforce detected	2020-09-29 06:36:07
attack	Time: Sun Sep 27 14:56:19 2020 +0000 IP: 27.254.137.144 (TH/Thailand/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 14:48:25 3 sshd[4672]: Invalid user ts3 from 27.254.137.144 port 59452 Sep 27 14:48:27 3 sshd[4672]: Failed password for invalid user ts3 from 27.254.137.144 port 59452 ssh2 Sep 27 14:49:58 3 sshd[10271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root Sep 27 14:50:00 3 sshd[10271]: Failed password for root from 27.254.137.144 port 36792 ssh2 Sep 27 14:56:13 3 sshd[26074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root	2020-09-28 23:03:18
attackspambots	27.254.137.144 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 28 06:08:56 server sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.202.58 user=root Sep 28 06:08:07 server sshd[907]: Failed password for root from 27.254.137.144 port 51164 ssh2 Sep 28 06:01:19 server sshd[32333]: Failed password for root from 51.68.44.13 port 47336 ssh2 Sep 28 06:04:43 server sshd[307]: Failed password for root from 85.247.0.210 port 58521 ssh2 Sep 28 06:08:04 server sshd[907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root IP Addresses Blocked: 218.241.202.58 (CN/China/-)	2020-09-28 15:07:14
attackspam	Aug 31 05:58:35 santamaria sshd\[3451\]: Invalid user ymn from 27.254.137.144 Aug 31 05:58:35 santamaria sshd\[3451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Aug 31 05:58:37 santamaria sshd\[3451\]: Failed password for invalid user ymn from 27.254.137.144 port 41678 ssh2 ...	2020-08-31 12:47:52
attackbots	detected by Fail2Ban	2020-08-30 04:15:03
attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-08-17 03:09:52
attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs	2020-08-16 17:49:07
attackspam	Aug 4 08:04:39 buvik sshd[13958]: Failed password for root from 27.254.137.144 port 58334 ssh2 Aug 4 08:06:31 buvik sshd[14286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root Aug 4 08:06:33 buvik sshd[14286]: Failed password for root from 27.254.137.144 port 56258 ssh2 ...	2020-08-04 14:57:10
attackspam	Jul 24 07:19:31 mellenthin sshd[8728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 24 07:19:33 mellenthin sshd[8728]: Failed password for invalid user ccy from 27.254.137.144 port 38364 ssh2	2020-07-24 15:19:57
attack	Invalid user lai from 27.254.137.144 port 59094	2020-07-21 06:32:55
attack	Jul 20 18:02:00 inter-technics sshd[17419]: Invalid user wyq from 27.254.137.144 port 37898 Jul 20 18:02:00 inter-technics sshd[17419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 20 18:02:00 inter-technics sshd[17419]: Invalid user wyq from 27.254.137.144 port 37898 Jul 20 18:02:02 inter-technics sshd[17419]: Failed password for invalid user wyq from 27.254.137.144 port 37898 ssh2 Jul 20 18:07:03 inter-technics sshd[17848]: Invalid user uap from 27.254.137.144 port 54902 ...	2020-07-21 03:44:01
attack	$f2bV_matches	2020-07-16 08:05:03
attack	Jul 10 17:26:43 ns381471 sshd[25590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 10 17:26:45 ns381471 sshd[25590]: Failed password for invalid user jingke from 27.254.137.144 port 37486 ssh2	2020-07-10 23:26:56
attackbotsspam	Jul 5 21:59:42 abendstille sshd\[20394\]: Invalid user soap from 27.254.137.144 Jul 5 21:59:42 abendstille sshd\[20394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Jul 5 21:59:44 abendstille sshd\[20394\]: Failed password for invalid user soap from 27.254.137.144 port 38238 ssh2 Jul 5 22:01:37 abendstille sshd\[22302\]: Invalid user lihb from 27.254.137.144 Jul 5 22:01:37 abendstille sshd\[22302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-07-06 04:35:24
attack	Invalid user envoybenefits from 27.254.137.144 port 54246	2020-06-12 13:01:08
attack	May 25 05:55:59 edebian sshd[8614]: Failed password for root from 27.254.137.144 port 56704 ssh2 ...	2020-05-25 12:11:35
attackbots	May 23 15:16:49 ny01 sshd[25448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 May 23 15:16:51 ny01 sshd[25448]: Failed password for invalid user wmb from 27.254.137.144 port 43314 ssh2 May 23 15:19:26 ny01 sshd[25760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144	2020-05-24 03:33:27
attackbotsspam	Brute-force attempt banned	2020-05-21 18:57:21
attackbots	5x Failed Password	2020-05-10 17:33:21
attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 8 22:44:14 amsweb01 sshd[2294]: Invalid user auxiliar from 27.254.137.144 port 54128 May 8 22:44:17 amsweb01 sshd[2294]: Failed password for invalid user auxiliar from 27.254.137.144 port 54128 ssh2 May 8 22:51:04 amsweb01 sshd[2959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 user=root May 8 22:51:06 amsweb01 sshd[2959]: Failed password for root from 27.254.137.144 port 60368 ssh2 May 8 22:54:38 amsweb01 sshd[3278]: Invalid user uftp from 27.254.137.144 port 58326	2020-05-09 06:12:44
attackspam	Apr 5 03:49:15 game-panel sshd[12849]: Failed password for root from 27.254.137.144 port 42566 ssh2 Apr 5 03:54:00 game-panel sshd[12993]: Failed password for root from 27.254.137.144 port 34662 ssh2	2020-04-05 12:15:48
attackspambots	Apr 3 21:52:43 mail sshd[20315]: Invalid user ruanhuabin from 27.254.137.144 Apr 3 21:52:43 mail sshd[20315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Apr 3 21:52:43 mail sshd[20315]: Invalid user ruanhuabin from 27.254.137.144 Apr 3 21:52:45 mail sshd[20315]: Failed password for invalid user ruanhuabin from 27.254.137.144 port 33968 ssh2 Apr 3 22:08:47 mail sshd[22722]: Invalid user www from 27.254.137.144 ...	2020-04-04 05:17:34
attackspambots	Mar 29 05:53:10 meumeu sshd[838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Mar 29 05:53:12 meumeu sshd[838]: Failed password for invalid user ae from 27.254.137.144 port 57948 ssh2 Mar 29 05:58:14 meumeu sshd[1701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-03-29 12:12:07
attackbots	Invalid user usuario from 27.254.137.144 port 36110	2020-03-27 22:32:16
attack	frenzy	2020-03-08 05:34:52
attackbotsspam	Mar 1 10:15:28 main sshd[19876]: Failed password for invalid user appimgr from 27.254.137.144 port 41312 ssh2	2020-03-02 05:43:19
attackbotsspam	Feb 17 14:21:52 work-partkepr sshd\[21066\]: Invalid user ubuntu from 27.254.137.144 port 57222 Feb 17 14:21:52 work-partkepr sshd\[21066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 ...	2020-02-17 22:46:48
attackspambots	Feb 16 20:03:46 hpm sshd\[19943\]: Invalid user luan from 27.254.137.144 Feb 16 20:03:46 hpm sshd\[19943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144 Feb 16 20:03:48 hpm sshd\[19943\]: Failed password for invalid user luan from 27.254.137.144 port 58780 ssh2 Feb 16 20:07:55 hpm sshd\[20637\]: Invalid user gayle from 27.254.137.144 Feb 16 20:07:55 hpm sshd\[20637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.137.144	2020-02-17 17:01:05

相同子网IP讨论:

IP	类型	评论内容	时间
27.254.137.1	attackspambots	SSH login attempts with user root at 2020-01-02.	2020-01-03 01:05:00

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.254.137.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52899
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.254.137.144.			IN	A

;; AUTHORITY SECTION:
.			2542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 04:17:54 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 144.137.254.27.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 144.137.254.27.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
186.213.140.175	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:53:25,734 INFO [amun_request_handler] PortScan Detected on Port: 445 (186.213.140.175)	2019-06-30 06:34:35
45.227.253.211	attackspam	SMTP Fraud Orders	2019-06-30 06:46:10
85.174.190.218	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:52:58,663 INFO [amun_request_handler] PortScan Detected on Port: 445 (85.174.190.218)	2019-06-30 06:40:16
193.32.161.150	attackspam	Unauthorized connection attempt from IP address 193.32.161.150 on Port 3389(RDP)	2019-06-30 06:44:49
43.242.212.81	attackbotsspam	$f2bV_matches	2019-06-30 06:46:41
1.52.203.142	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:51:10,403 INFO [amun_request_handler] PortScan Detected on Port: 445 (1.52.203.142)	2019-06-30 06:43:31
42.201.247.243	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:52:52,645 INFO [amun_request_handler] PortScan Detected on Port: 445 (42.201.247.243)	2019-06-30 06:41:27
92.118.160.33	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-30 07:15:25
138.99.216.65	attack	Portscan or hack attempt detected by psad/fwsnort	2019-06-30 07:05:44
182.76.213.66	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:47:08,615 INFO [amun_request_handler] PortScan Detected on Port: 445 (182.76.213.66)	2019-06-30 06:50:33
107.170.203.244	attackbots	2376/tcp 5351/udp 2086/tcp... [2019-05-01/06-29]60pkt,43pt.(tcp),5pt.(udp)	2019-06-30 07:14:02
92.118.160.21	attackspambots	Port scan: Attack repeated for 24 hours	2019-06-30 07:16:27
108.62.202.210	attackbots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-06-30 07:13:34
193.192.176.2	attack	SSH-BruteForce	2019-06-30 06:55:06
181.143.153.74	attackbotsspam	Port scan: Attack repeated for 24 hours	2019-06-30 07:03:46

最近上报的IP列表

84.51.16.131	140.206.32.247	121.46.94.66	183.83.67.150
115.236.33.226	189.86.186.62	103.68.0.179	212.46.251.150
37.187.6.235	78.173.51.77	186.92.118.144	36.66.116.219
14.18.47.233	123.207.96.242	91.238.230.107	131.156.200.13
104.203.96.6	140.143.208.180	85.26.164.25	81.30.126.103