27.254.63.73 Threat Intelligence and Host Information

Share on:
Aug 13, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 27.254.63.73 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: Nextray, cyber security, ioc, malicious, phishing

  • JARM: 29d29d16d29d29d00042d42d0000005fd00fabd213a5ac89229012f70afd5c

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: gpf_comics, hphosts_psh

  • Country: Thailand
  • Network: AS9891 cs loxinfo public company limited.
  • Noticed: 1 times
  • Protcols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: www.subthaionly.com subthaionly.com ftp.poki.in.th smtp.poki.in.th www.poki.in.th poki.in.th pop.poki.in.th smtp.smoothiesclubs.com pop.smoothiesclubs.com www.smoothiesclubs.com ftp.smoothiesclubs.com ftp.adosushi.com pop.adosushi.com ftp.lekcooking.com www.lekcooking.com pop.lekcooking.com smtp.lekcooking.com www.y8.in.th y8.in.th www.m.javsuck.com m.javsuck.com mobile.y8.in.th mobile.hdgames.net ftp.nattawoot.online nattawoot.online smtp.nattawoot.online pop.nattawoot.online www.nattawoot.online ro.hdgames.net domain.teddyclub.net www.domain.teddyclub.net javkuy.net smtp.javkuy.net pop.javkuy.net ftp.javkuy.net www.javkuy.net www.qfi-global.com ftp.qfi-global.com smtp.qfi-global.com pop.qfi-global.com www.admin.teddyclub.net admin.teddyclub.net pop.teddyclub.net www.teddyclub.net smtp.teddyclub.net teddyclub.net ftp.teddyclub.net www.chavalriverside.com smtp.chavalriverside.com chavalriverside.com ftp.chavalriverside.com pop.chavalriverside.com pop.gelateicecream.com www.gelateicecream.com ftp.gelateicecream.com smtp.gelateicecream.com pop.thailandscreen.com ftp.thailandscreen.com smtp.thailandscreen.com www.thailandscreen.com ftp.bangkokmetalsheet.com smtp.bangkokmetalsheet.com www.bangkokmetalsheet.com pop.bangkokmetalsheet.com www.hey.rtna97.com hey.rtna97.com www.buu-cu6-e-learning.rtna97.com buu-cu6-e-learning.rtna97.com www.navtecgroup.com ftp.navtecgroup.com pop.navtecgroup.com smtp.navtecgroup.com www.iccp.navtecgroup.com iccp.navtecgroup.com www.covid19.navtecgroup.com covid19.navtecgroup.com pop.ngoodin.com www.ngoodin.com ftp.ngoodin.com smtp.ngoodin.com smtp.pcb.in.th ftp.pcb.in.th pop.pcb.in.th pcb.in.th www.pcb.in.th www.382.navtecgroup.com 382.navtecgroup.com pop.xn–62ci2a8d3and2b8b6e0dq.com smtp.xn–62ci2a8d3and2b8b6e0dq.com ftp.xn–62ci2a8d3and2b8b6e0dq.com xn–62ci2a8d3and2b8b6e0dq.com www.xn–62ci2a8d3and2b8b6e0dq.com smtp.xn–l3c2ahkqn3d4a.com pop.xn–l3c2ahkqn3d4a.com www.xn–l3c2ahkqn3d4a.com ftp.xn–l3c2ahkqn3d4a.com kuraburiresort.com ftp.kuraburiresort.com smtp.kuraburiresort.com www.kuraburiresort.com pop.kuraburiresort.com ftp.firstandfern.com www.firstandfern.com pop.firstandfern.com smtp.firstandfern.com ftp.blistoncollection.com pop.blistoncollection.com smtp.blistoncollection.com www.blistoncollection.com pop.buildingauditor.com ftp.buildingauditor.com smtp.buildingauditor.com www.buildingauditor.com pop.baitonggroup.com www.baitonggroup.com smtp.baitonggroup.com ftp.baitonggroup.com ftp.jw-audit.com pop.jw-audit.com smtp.jw-audit.com www.jw-audit.com ftp.agaloagale.com agaloagale.com pop.agaloagale.com smtp.agaloagale.com www.agaloagale.com ftp.kruood.com pop.kruood.com smtp.kruood.com www.kruood.com www.coolclubair.com smtp.coolclubair.com ftp.coolclubair.com pop.coolclubair.com pop.arquusnoir.com smtp.arquusnoir.com ftp.arquusnoir.com www.arquusnoir.com ftp.bkkmetalsheet.com www.bkkmetalsheet.com pop.bkkmetalsheet.com bkkmetalsheet.com smtp.bkkmetalsheet.com pop.khaothaluchumporncoffee.com smtp.khaothaluchumporncoffee.com khaothaluchumporncoffee.com ftp.khaothaluchumporncoffee.com www.khaothaluchumporncoffee.com ftp.ams-eoffice.com smtp.ams-eoffice.com pop.ams-eoffice.com www.ams-eoffice.com pop.namheng-th.com ftp.namheng-th.com www.namheng-th.com smtp.namheng-th.com namheng-th.com pop.chavalth.com www.chavalth.com ftp.chavalth.com smtp.chavalth.com chavalth.com pop.alumsoft.com ftp.alumsoft.com smtp.alumsoft.com smtp.a1audit.com ftp.a1audit.com www.a1audit.com pop.a1audit.com smtp.a1account.com a1account.com www.a1account.com pop.a1account.com ftp.a1account.com www.pacificmercury.com pop.pacificmercury.com ftp.pacificmercury.com smtp.pacificmercury.com ftp.haadrinfairyland.com pop.haadrinfairyland.com www.haadrinfairyland.com haadrinfairyland.com smtp.haadrinfairyland.com ftp.promduang.com pop.promduang.com promduang.com smtp.promduang.com www.promduang.com smtp.air-ban.com www.air-ban.com pop.air-ban.com ftp.air-ban.com smtp.krutrat.com www.krutrat.com pop.krutrat.com ftp.krutrat.com pop.pongsuwansaimai.org www.pongsuwansaimai.org smtp.pongsuwansaimai.org ftp.pongsuwansaimai.org ftp.rtna97.com www.rtna97.com pop.rtna97.com smtp.rtna97.com www.go.rtna97.com go.rtna97.com www.guntronic.navtecgroup.com guntronic.navtecgroup.com www.seku19.navtecgroup.com seku19.navtecgroup.com safety.navtecgroup.com www.safety.navtecgroup.com www.dockyard.navtecgroup.com dockyard.navtecgroup.com www.pcm.navtecgroup.com pcm.navtecgroup.com www.pum.navtecgroup.com pum.navtecgroup.com www.blog.navtecgroup.com blog.navtecgroup.com smtp.daradrama.com ftp.daradrama.com pop.daradrama.com www.daradrama.com www.suanzanook.com ftp.suanzanook.com pop.suanzanook.com smtp.suanzanook.com centralpigment.com pop.centralpigment.com www.centralpigment.com smtp.centralpigment.com ftp.centralpigment.com www.ex-training.com pop.ex-training.com ftp.ex-training.com smtp.ex-training.com www.bantaharn.in.th bantaharn.in.th ftp.bantaharn.in.th smtp.bantaharn.in.th pop.bantaharn.in.th ftp.kroo-suchat.com smtp.kroo-suchat.com www.kroo-suchat.com pop.kroo-suchat.com smtp.iam25.com www.iam25.com pop.iam25.com ftp.iam25.com smtp.termitebug.com ftp.termitebug.com www.termitebug.com pop.termitebug.com smtp.banddesignshop.com pop.banddesignshop.com www.banddesignshop.com ftp.banddesignshop.com www.baanpranee.com ftp.baanpranee.com smtp.baanpranee.com pop.baanpranee.com pop.javsuck.com ftp.javsuck.com smtp.javsuck.com www.alumsoft.com alumsoft.com suanzanook.com firstandfern.com ams-eoffice.com rtna97.com bknumber.com air-ban.com antiqueathome.com baitonggroup.com 12meaw.com ex-training.com arquusnoir.com jw-audit.com kruood.com krutrat.com navyhost.net daradrama.com coolclubair.com bangkokmetalsheet.com nungphamancr.com baanpranee.com gelateicecream.com pongsuwansaimai.org buildingauditor.com thailandscreen.com termitebug.com xn–q3cdscz2b5ae2nb9bb.com iam25.com qfi-global.com ngoodin.com banddesignshop.com xn–l3c2ahkqn3d4a.com a1audit.com seksanair.com pacificmercury.com navtecgroup.com barbiebrownies.com mix-page.com succeed-steel.com kongsom.xyz blistoncollection.com flourperfume.com blackwrenchs.com namkati.com akascafe.com crochetsr.com seku19.xyz saenarak.com kroo-suchat.com rbs909.com

Open Ports Detected

21 22 2222 25 443 53 80 993

Map

Whois Information

  • inetnum: 27.254.63.0 - 27.254.63.255
  • netname: idc-csloxinfo
  • descr: CSLOXINFO-IDC
  • descr: contact
  • country: TH
  • admin-c: LIA1-AP
  • tech-c: LIA1-AP
  • abuse-c: AC1613-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: LOXINFO-IS
  • mnt-irt: IRT-CSLOXINFO-TH
  • last-modified: 2021-01-20T01:50:24Z
  • irt: IRT-CSLOXINFO-TH
  • address: CW Tower
  • address: Ratchadapisek Road, Huai Khwang, Bangkok 10310
  • phone: +66 2 2638000
  • fax-no: +66 2 2638790
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: LIA1-AP
  • tech-c: LIA1-AP
  • mnt-by: CSLOXINFO-IS
  • last-modified: 2023-08-09T02:02:54Z
  • role: ABUSE CSLOXINFOTH
  • address: CW Tower
  • address: Ratchadapisek Road, Huai Khwang, Bangkok 10310
  • country: ZZ
  • phone: +66 2 2638000
  • e-mail: [email protected]
  • admin-c: LIA1-AP
  • tech-c: LIA1-AP
  • nic-hdl: AC1613-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-08-09T02:03:11Z
  • role: Loxinfo IP Admins
  • address: CW Tower
  • address: Ratchadapisek Road, Huai Khwang, Bangkok 10310
  • country: TH
  • phone: +66-2263-8000
  • fax-no: +66-2263-8790
  • e-mail: [email protected]
  • admin-c: LIA1-AP
  • tech-c: LIA1-AP
  • nic-hdl: LIA1-AP
  • mnt-by: CSLOXINFO-IS
  • last-modified: 2017-06-09T17:43:45Z
  • route: 27.254.0.0/16
  • origin: AS4750
  • descr: CS Loxinfo Public Company Limited
  • mnt-by: LOXINFO-IS
  • last-modified: 2022-05-28T17:59:27Z

Links to attack logs

ftp-bruteforce-ip-list-2022-06-16