27.158.48.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Jul 24 21:44:36 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:44:50 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:45:04 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:45:27 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:46:12 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-07-25 08:26:36

Type

Details

Datetime

attackbotsspam

Jul 24 21:44:36 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 24 21:44:50 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 24 21:45:04 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 24 21:45:27 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 24 21:46:12 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...

2019-07-25 08:26:36

Comments on same subnet:

IP	Type	Details	Datetime
27.158.48.211	attack	2020-01-07 22:47:56 dovecot_login authenticator failed for (townp) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) 2020-01-07 22:48:03 dovecot_login authenticator failed for (advot) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) 2020-01-07 22:48:15 dovecot_login authenticator failed for (nfcoc) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) ...	2020-01-08 18:15:11
27.158.48.201	attackspam	2019-12-15 00:30:04 H=(ylmf-pc) [27.158.48.201]:64605 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-15 00:30:07 H=(ylmf-pc) [27.158.48.201]:49457 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-15 00:30:08 H=(ylmf-pc) [27.158.48.201]:57027 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-15 15:23:11
27.158.48.139	attackspam	2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.158.48.139	2019-08-07 05:21:16
27.158.48.131	attack	Aug 3 08:43:44 localhost postfix/smtpd\[8440\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:43:52 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:04 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:19 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:27 localhost postfix/smtpd\[8440\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-03 14:52:06
27.158.48.170	attack	postfix-failedauth jail [dl]	2019-06-22 14:23:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.158.48.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47490
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.158.48.50.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 08:26:30 CST 2019
;; MSG SIZE  rcvd: 116

Host info

50.48.158.27.in-addr.arpa domain name pointer 50.48.158.27.broad.zz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
50.48.158.27.in-addr.arpa	name = 50.48.158.27.broad.zz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.29.216.238	attackbotsspam	May 8 03:40:25 raspberrypi sshd\[25889\]: Invalid user dp from 119.29.216.238May 8 03:40:27 raspberrypi sshd\[25889\]: Failed password for invalid user dp from 119.29.216.238 port 59468 ssh2May 8 03:56:50 raspberrypi sshd\[5342\]: Invalid user new from 119.29.216.238 ...	2020-05-08 13:55:39
216.244.66.232	attack	20 attempts against mh-misbehave-ban on float	2020-05-08 13:48:23
202.29.80.133	attackspam	May 8 08:00:09 lukav-desktop sshd\[31483\]: Invalid user amit from 202.29.80.133 May 8 08:00:09 lukav-desktop sshd\[31483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.80.133 May 8 08:00:12 lukav-desktop sshd\[31483\]: Failed password for invalid user amit from 202.29.80.133 port 37987 ssh2 May 8 08:04:43 lukav-desktop sshd\[31520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.80.133 user=root May 8 08:04:45 lukav-desktop sshd\[31520\]: Failed password for root from 202.29.80.133 port 43395 ssh2	2020-05-08 13:17:42
103.4.217.96	attack	2020-05-07T23:56:27.034093sorsha.thespaminator.com sshd[641]: Invalid user harrypotter from 103.4.217.96 port 48154 2020-05-07T23:56:28.852407sorsha.thespaminator.com sshd[641]: Failed password for invalid user harrypotter from 103.4.217.96 port 48154 ssh2 ...	2020-05-08 14:13:52
67.143.176.81	attack	Brute forcing email accounts	2020-05-08 14:07:28
13.92.102.213	attack	May 8 07:38:40 server sshd[13396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.102.213 May 8 07:38:42 server sshd[13396]: Failed password for invalid user wdk from 13.92.102.213 port 40276 ssh2 May 8 07:43:08 server sshd[14202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.102.213 ...	2020-05-08 13:56:13
111.185.23.107	attackbotsspam	Honeypot Spam Send	2020-05-08 13:41:36
218.64.226.55	attackspam	Unauthorised access (May 8) SRC=218.64.226.55 LEN=52 TTL=112 ID=45 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-08 14:11:13
102.177.145.221	attackbots	May 8 07:06:31 PorscheCustomer sshd[5618]: Failed password for root from 102.177.145.221 port 49094 ssh2 May 8 07:11:20 PorscheCustomer sshd[5766]: Failed password for root from 102.177.145.221 port 59362 ssh2 ...	2020-05-08 13:16:48
146.66.244.246	attack	May 7 19:06:42 hpm sshd\[29874\]: Invalid user mirna from 146.66.244.246 May 7 19:06:42 hpm sshd\[29874\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246 May 7 19:06:44 hpm sshd\[29874\]: Failed password for invalid user mirna from 146.66.244.246 port 58476 ssh2 May 7 19:10:51 hpm sshd\[30181\]: Invalid user anton from 146.66.244.246 May 7 19:10:51 hpm sshd\[30181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.66.244.246	2020-05-08 13:21:31
113.87.14.56	attackbotsspam	Unauthorized connection attempt detected from IP address 113.87.14.56 to port 5555 [T]	2020-05-08 14:01:41
117.89.13.216	attackspambots	May 8 06:27:51 [host] sshd[21825]: pam_unix(sshd: May 8 06:27:53 [host] sshd[21825]: Failed passwor May 8 06:31:53 [host] sshd[22035]: Invalid user c	2020-05-08 13:19:57
58.152.50.202	attackbotsspam	May 8 06:14:09 inter-technics sshd[6868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.152.50.202 user=root May 8 06:14:11 inter-technics sshd[6868]: Failed password for root from 58.152.50.202 port 42550 ssh2 May 8 06:22:11 inter-technics sshd[7625]: Invalid user fileshare from 58.152.50.202 port 38672 May 8 06:22:11 inter-technics sshd[7625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.152.50.202 May 8 06:22:11 inter-technics sshd[7625]: Invalid user fileshare from 58.152.50.202 port 38672 May 8 06:22:12 inter-technics sshd[7625]: Failed password for invalid user fileshare from 58.152.50.202 port 38672 ssh2 ...	2020-05-08 13:16:00
116.126.102.68	attackspam	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-08 13:20:57
222.186.42.155	attackbots	May 8 07:50:13 santamaria sshd\[27375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root May 8 07:50:15 santamaria sshd\[27375\]: Failed password for root from 222.186.42.155 port 57346 ssh2 May 8 07:50:17 santamaria sshd\[27375\]: Failed password for root from 222.186.42.155 port 57346 ssh2 ...	2020-05-08 13:54:59

Recently Reported IPs

114.41.179.160	59.188.250.56	0.178.55.179	43.240.4.79
104.70.157.0	126.24.156.124	77.48.198.10	192.3.70.104
179.228.242.43	14.248.84.229	185.126.179.185	180.175.199.50
109.207.112.101	103.255.240.93	49.50.76.29	27.78.48.128
137.6.169.192	88.247.139.213	179.191.118.206	123.27.3.25