Go
27.254.38.122
is a
Hacker
100 %
Thailand
Report Abuse
143attacks reported
59Brute-ForceSSH
32Port Scan
17Brute-Force
7HackingBrute-Force
5Port ScanSSH
5Brute-ForceMailserver Attack
4Brute-ForceExploited Host
4uncategorized
2Fraud VoIPBrute-Force
2Web App Attack
...
12abuse reported
4Email SpamBrute-Force
4Email Spam
2Web SpamEmail Spam
1Email SpamPort ScanBrute-Force
1Bad Web BotExploited HostWeb App Attack
from 48 distinct reporters
and 5 distinct sources : BadIPs.com, Blocklist.de, FireHOL, Charles Haley, AbuseIPDB
27.254.38.122 was first signaled at 2020-04-21 03:29 and last record was at 2020-08-04 14:15.
IP

27.254.38.122

Organization
CS LOXINFO Public Company Limited.
Localisation
Thailand
Khon Kaen, Bangkok
NetRange : First & Last IP
27.254.38.0 - 27.254.38.255
Network CIDR
27.254.38.0/24

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2020-08-04 14:15 attacks Brute-ForceSSH AbuseIPDB SSH invalid-user multiple login try
2020-08-04 12:52 abuse Email SpamBrute-Force AbuseIPDB $f2bV_matches
2020-08-04 12:30 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-04 05:56 abuse Email Spam AbuseIPDB f2b trigger Multiple SASL failures
2020-08-04 05:28 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-04 03:59 attacks Brute-Force AbuseIPDB 2020-08-04T14:58:59+02:00 <masked> exim[30046]: fixed_login authenticator failed for (USER) [27.254.38.122]: 535 Incorrect authentication data (
2020-08-03 22:21 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-03 18:26 attacks HackingBrute-Force AbuseIPDB Aug 4 05:26:48 www postfix/smtpd\[26888\]: lost connection after AUTH from unknown\[27.254.38.122\]
2020-08-03 15:30 abuse Email SpamBrute-Force AbuseIPDB Email login attempts - bad mail account name (SMTP)
2020-08-03 15:19 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-03 08:21 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-03 01:32 abuse Email Spam AbuseIPDB f2b trigger Multiple SASL failures
2020-08-03 01:22 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-02 21:32 attacks Brute-Force AbuseIPDB 2020-08-02 dovecot_login authenticator failed for \(USER\) \[27.254.38.122\]: 535 Incorrect authentication data \([email protected]**REMOVED**.ne
2020-08-02 01:07 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-01 19:36 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-01 14:11 abuse Email Spam AbuseIPDB f2b trigger Multiple SASL failures
2020-08-01 13:49 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-01 08:16 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-08-01 03:30 attacks Brute-Force AbuseIPDB 2020-08-01T14:29:46+02:00 <masked> exim[18631]: fixed_login authenticator failed for (USER) [27.254.38.122]: 535 Incorrect authentication data (
2020-07-31 20:12 abuse Email SpamPort ScanBrute-Force AbuseIPDB Blocked 27.254.38.122 For sending bad password count 5 tried : [email protected] & [email protected] & [email protected] &
2020-07-31 18:53 attacks HackingBrute-Force AbuseIPDB 01.08.2020 05:53:37 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F
2020-07-31 18:11 attacks Brute-Force AbuseIPDB 2020-07-31 dovecot_login authenticator failed for \(USER\) \[27.254.38.122\]: 535 Incorrect authentication data \([email protected]**REMOVED**.ne
2020-07-31 15:24 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-31 12:26 attacks HackingBrute-Force AbuseIPDB 31.07.2020 23:26:08 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F
2020-07-31 10:30 attacks Brute-ForceSSH AbuseIPDB SSH invalid-user multiple login try
2020-07-31 09:23 abuse Email Spam AbuseIPDB f2b trigger Multiple SASL failures
2020-07-31 09:17 abuse Email SpamBrute-Force AbuseIPDB $f2bV_matches
2020-07-31 09:00 abuse Email SpamBrute-Force AbuseIPDB Email login attempts - bad mail account name (SMTP)
2020-07-31 08:55 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-31 06:44 attacks HackingBrute-Force AbuseIPDB 31.07.2020 17:44:50 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F
2020-07-31 05:07 attacks Brute-Force AbuseIPDB Jul 31 09:07:28 mailman postfix/smtpd[16829]: warning: unknown[27.254.38.122]: SASL LOGIN authentication failed: authentication failure
2020-07-30 23:06 attacks Brute-ForceExploited Host AbuseIPDB Brute force attempt
2020-07-30 22:21 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-30 15:53 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-30 11:04 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-30 05:54 abuse Web SpamEmail Spam AbuseIPDB $f2bV_matches
2020-07-30 04:36 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-30 02:03 attacks Brute-Force AbuseIPDB 2020-07-30T13:02:45+02:00 <masked> exim[28877]: fixed_login authenticator failed for (USER) [27.254.38.122]: 535 Incorrect authentication data (
2020-07-29 17:19 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-29 12:30 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-29 06:03 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-28 22:48 attacks Brute-Force AbuseIPDB 2020-07-29T09:47:18+02:00 <masked> exim[6137]: fixed_login authenticator failed for (USER) [27.254.38.122]: 535 Incorrect authentication data ([
2020-07-28 19:19 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-28 14:44 attacks Brute-Force AbuseIPDB 2020-07-28T00:58:04.123978productionscape.com postfix/smtpd[13056]: warning: unknown[27.254.38.122]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 20
2020-07-28 13:53 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-28 10:56 attacks Brute-Force AbuseIPDB exim email abuse
2020-07-28 08:00 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-07-28 07:48 attacks Brute-Force AbuseIPDB Jul 27 19:26:42 web postfix/smtpd\[13083\]: warning: unknown\[27.254.38.122\]: SASL LOGIN authentication failed: authentication failureJul 27 20:01:37
2020-07-28 04:37 attacks Brute-Force AbuseIPDB Jul 28 04:12:57 server postfix/smtpd[32199]: warning: unknown[27.254.38.122]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 28 04:17:32 server po
2020-04-21 03:29 attacks Brute-ForceExploited Host AbuseIPDB Brute force attempt
2020-04-21 03:33 attacks Port Scan AbuseIPDB (smtpauth) Failed SMTP AUTH login from 27.254.38.122 (TH/Thailand/27-254-38-122.lnwhostname.com): 1 in the last 3600 secs; Ports: *; Direction: inout;
2020-04-21 04:07 attacks Brute-Force AbuseIPDB Apr 21 08:07:00 mailman postfix/smtpd[19207]: warning: unknown[27.254.38.122]: SASL LOGIN authentication failed: authentication failure
2020-05-24 22:10 attacks Brute-ForceSSH AbuseIPDB Invalid user codad from 27.254.38.122 port 3890
2020-05-24 23:59 attacks Brute-ForceSSH AbuseIPDB prod6
2020-05-25 01:01 attacks Brute-ForceSSH AbuseIPDB May 25 12:01:06 prod4 sshd\[26141\]: Failed password for root from 27.254.38.122 port 59146 ssh2 May 25 12:01:08 prod4 sshd\[26141\]: Failed password
2020-05-25 02:59 attacks Brute-ForceSSH AbuseIPDB Invalid user valid from 27.254.38.122 port 30280
2020-05-25 10:10 attacks Brute-ForceSSH AbuseIPDB Invalid user codad from 27.254.38.122 port 3890
2020-05-25 13:00 attacks Brute-ForceSSH AbuseIPDB Invalid user codad from 27.254.38.122 port 3890
2020-05-25 16:10 attacks Brute-ForceSSH AbuseIPDB Invalid user codad from 27.254.38.122 port 3890
2020-07-31 15:56 attacks bi_any_0_1d BadIPs.com  
2020-07-31 15:56 attacks Brute-ForceMailserver Attack bi_mail_0_1d BadIPs.com  
2020-07-31 15:56 attacks Brute-ForceMailserver Attack bi_postfix-sasl_0_1d BadIPs.com  
2020-07-31 15:56 attacks Mailserver Attack bi_sasl_0_1d BadIPs.com  
2020-07-31 15:57 attacks blocklist_de Blocklist.de  
2020-07-31 15:57 attacks Brute-ForceMailserver Attack blocklist_de_mail Blocklist.de  
2020-07-31 16:01 attacks firehol_level2 FireHOL  
2020-07-31 16:02 attacks firehol_level4 FireHOL  
2020-07-31 16:10 attacks SSH haley_ssh Charles Haley  
2020-08-01 14:56 attacks Brute-ForceMailserver Attack blocklist_de_imap Blocklist.de  
2020-08-04 12:00 attacks Brute-ForceMailserver Attack bi_postfix_0_1d BadIPs.com  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 27.254.38.0 - 27.254.38.255
netname: idc-csloxinfo
country: TH
descr: CSLOXINFO-IDC
descr: contact
admin-c: LIA1-AP
tech-c: LIA1-AP
status: ASSIGNED NON-PORTABLE
mnt-by: LOXINFO-IS
mnt-irt: IRT-CSLOXINFO-TH
last-modified: 2014-09-03T02:45:19Z
source: APNIC

irt: IRT-CSLOXINFO-TH
address: CW Tower
address: Ratchadapisek Road, Huai Khwang, Bangkok 10310
phone: +66 2 2638000
fax-no: +66 2 2638790
e-mail: ip_admin@csl.co.th
abuse-mailbox: ip_admin@csl.co.th
admin-c: LIA1-AP
tech-c: LIA1-AP
auth: # Filtered
remarks: ip_admin@csl.co.th was validated on 2020-07-14
mnt-by: CSLOXINFO-IS
last-modified: 2020-07-14T06:17:10Z
source: APNIC

role: Loxinfo IP Admins
remarks: CS LOXINFO PUBLIC COMPANY LIMITED
address: CW Tower
address: Ratchadapisek Road, Huai Khwang, Bangkok 10310
country: TH
phone: +66-2263-8000
fax-no: +66-2263-8790
e-mail: ip_admin@csloxinfo.net
admin-c: LIA1-AP
tech-c: LIA1-AP
nic-hdl: LIA1-AP
mnt-by: CSLOXINFO-IS
last-modified: 2017-06-09T17:43:45Z
source: APNIC
most specific ip range is highlighted
Updated : 2020-09-17