27.158.48.74 - IPInfo

Basic Info

City: Shishi

Region: Fujian

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
27.158.48.211	attack	2020-01-07 22:47:56 dovecot_login authenticator failed for (townp) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) 2020-01-07 22:48:03 dovecot_login authenticator failed for (advot) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) 2020-01-07 22:48:15 dovecot_login authenticator failed for (nfcoc) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) ...	2020-01-08 18:15:11
27.158.48.201	attackspam	2019-12-15 00:30:04 H=(ylmf-pc) [27.158.48.201]:64605 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-15 00:30:07 H=(ylmf-pc) [27.158.48.201]:49457 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-15 00:30:08 H=(ylmf-pc) [27.158.48.201]:57027 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-15 15:23:11
27.158.48.139	attackspam	2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.158.48.139	2019-08-07 05:21:16
27.158.48.131	attack	Aug 3 08:43:44 localhost postfix/smtpd\[8440\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:43:52 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:04 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:19 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:27 localhost postfix/smtpd\[8440\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-03 14:52:06
27.158.48.50	attackbotsspam	Jul 24 21:44:36 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:44:50 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:45:04 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:45:27 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:46:12 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-07-25 08:26:36
27.158.48.170	attack	postfix-failedauth jail [dl]	2019-06-22 14:23:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.158.48.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28450
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.158.48.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 23:54:46 CST 2019
;; MSG SIZE  rcvd: 116

Host info

74.48.158.27.in-addr.arpa domain name pointer 74.48.158.27.broad.zz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
74.48.158.27.in-addr.arpa	name = 74.48.158.27.broad.zz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.27.228.176	attackbots	TCP (SYN) 193.27.228.176:54135 -> port 3389, len 44	2020-09-28 01:49:43
180.76.182.19	attackspambots	3x Failed Password	2020-09-28 01:44:31
52.166.130.230	attackbotsspam	Invalid user donjuanmariscos from 52.166.130.230 port 1978	2020-09-28 01:46:50
165.22.121.56	attackbots	Sep 27 18:37:59 prox sshd[18897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.121.56 Sep 27 18:38:00 prox sshd[18897]: Failed password for invalid user cisco from 165.22.121.56 port 56794 ssh2	2020-09-28 01:23:53
203.195.175.47	attackbotsspam	Sep 27 10:45:49 vmd17057 sshd[5500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.175.47 Sep 27 10:45:51 vmd17057 sshd[5500]: Failed password for invalid user titan from 203.195.175.47 port 45462 ssh2 ...	2020-09-28 01:30:41
142.11.193.243	attackbotsspam	spammed contact form	2020-09-28 01:36:46
5.188.0.148	attackspam	[portscan] Port scan	2020-09-28 01:48:15
221.148.207.22	attackspam	Invalid user csgosrv from 221.148.207.22 port 43494	2020-09-28 01:50:36
151.80.241.204	attackbotsspam	Unauthorised Access Attempt - Invalid Credentials	2020-09-28 01:20:57
49.234.95.219	attack	Sep 27 08:35:28 vps208890 sshd[83499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.95.219	2020-09-28 01:24:21
13.92.116.167	attackbotsspam	Invalid user admin from 13.92.116.167 port 41147	2020-09-28 01:20:43
185.65.253.1	attack	Hamring	2020-09-28 01:20:41
13.74.35.24	attackbotsspam	2020-09-23 14:30:22 server sshd[13644]: Failed password for invalid user root from 13.74.35.24 port 36205 ssh2	2020-09-28 01:28:40
128.199.249.19	attack	Invalid user bash from 128.199.249.19 port 44058	2020-09-28 01:36:58
81.214.254.24	attack	hzb4 81.214.254.24 [27/Sep/2020:17:49:16 "-" "POST /wp-login.php 200 3095 81.214.254.24 [27/Sep/2020:17:49:17 "-" "GET /wp-login.php 200 2670 81.214.254.24 [27/Sep/2020:17:49:18 "-" "POST /wp-login.php 200 3068	2020-09-28 01:28:05

Recently Reported IPs

138.189.9.46	65.124.94.138	46.144.191.181	128.199.164.87
90.196.95.32	180.173.56.43	195.206.107.154	198.63.116.47
3.210.217.44	128.199.154.177	204.168.71.216	87.239.85.169
195.250.65.142	74.248.88.130	201.137.245.64	114.84.243.208
210.28.110.215	122.224.55.130	88.125.245.197	202.248.114.157