27.158.48.74 - IPInfo

Basic Info

City: Shishi

Region: Fujian

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
27.158.48.211	attack	2020-01-07 22:47:56 dovecot_login authenticator failed for (townp) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) 2020-01-07 22:48:03 dovecot_login authenticator failed for (advot) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) 2020-01-07 22:48:15 dovecot_login authenticator failed for (nfcoc) [27.158.48.211]:60506 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianhua@lerctr.org) ...	2020-01-08 18:15:11
27.158.48.201	attackspam	2019-12-15 00:30:04 H=(ylmf-pc) [27.158.48.201]:64605 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-15 00:30:07 H=(ylmf-pc) [27.158.48.201]:49457 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-15 00:30:08 H=(ylmf-pc) [27.158.48.201]:57027 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-15 15:23:11
27.158.48.139	attackspam	2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x 2019-08-06 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.158.48.139	2019-08-07 05:21:16
27.158.48.131	attack	Aug 3 08:43:44 localhost postfix/smtpd\[8440\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:43:52 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:04 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:19 localhost postfix/smtpd\[8409\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 08:44:27 localhost postfix/smtpd\[8440\]: warning: unknown\[27.158.48.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-03 14:52:06
27.158.48.50	attackbotsspam	Jul 24 21:44:36 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:44:50 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:45:04 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:45:27 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 24 21:46:12 localhost postfix/smtpd\[23469\]: warning: unknown\[27.158.48.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-07-25 08:26:36
27.158.48.170	attack	postfix-failedauth jail [dl]	2019-06-22 14:23:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.158.48.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28450
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.158.48.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 23:54:46 CST 2019
;; MSG SIZE  rcvd: 116

Host info

74.48.158.27.in-addr.arpa domain name pointer 74.48.158.27.broad.zz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
74.48.158.27.in-addr.arpa	name = 74.48.158.27.broad.zz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.61.124.40	attack	Aug 11 00:17:14 xeon postfix/smtpd[18163]: warning: unknown[187.61.124.40]: SASL PLAIN authentication failed: authentication failure	2019-08-11 14:49:31
59.55.39.51	attackspam	Lines containing failures of 59.55.39.51 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.55.39.51	2019-08-11 14:48:54
221.8.8.251	attackspambots	Aug 10 20:18:58 TORMINT sshd\[4146\]: Invalid user bonec from 221.8.8.251 Aug 10 20:18:58 TORMINT sshd\[4146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.8.8.251 Aug 10 20:19:00 TORMINT sshd\[4146\]: Failed password for invalid user bonec from 221.8.8.251 port 51392 ssh2 ...	2019-08-11 15:03:05
59.10.5.156	attackspam	Aug 11 00:51:47 xtremcommunity sshd\[16982\]: Invalid user log from 59.10.5.156 port 38220 Aug 11 00:51:47 xtremcommunity sshd\[16982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.10.5.156 Aug 11 00:51:49 xtremcommunity sshd\[16982\]: Failed password for invalid user log from 59.10.5.156 port 38220 ssh2 Aug 11 00:56:19 xtremcommunity sshd\[17089\]: Invalid user server from 59.10.5.156 port 55762 Aug 11 00:56:19 xtremcommunity sshd\[17089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.10.5.156 ...	2019-08-11 15:16:36
49.50.64.213	attackspambots	Automatic report - Banned IP Access	2019-08-11 15:38:47
45.42.109.89	attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-11 15:46:35
218.92.1.187	attack	Dec 13 10:23:37 motanud sshd\[5867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.187 user=root Dec 13 10:23:39 motanud sshd\[5867\]: Failed password for root from 218.92.1.187 port 6242 ssh2 Dec 13 10:23:43 motanud sshd\[5867\]: Failed password for root from 218.92.1.187 port 6242 ssh2	2019-08-11 16:00:30
191.33.247.103	attackbots	Aug 11 00:53:09 srv206 sshd[16638]: Invalid user ubuntu from 191.33.247.103 ...	2019-08-11 15:44:46
121.79.131.234	attackspam	Aug 11 01:39:16 server sshd\[15747\]: User root from 121.79.131.234 not allowed because listed in DenyUsers Aug 11 01:39:16 server sshd\[15747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.79.131.234 user=root Aug 11 01:39:18 server sshd\[15747\]: Failed password for invalid user root from 121.79.131.234 port 60110 ssh2 Aug 11 01:44:01 server sshd\[970\]: User root from 121.79.131.234 not allowed because listed in DenyUsers Aug 11 01:44:01 server sshd\[970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.79.131.234 user=root	2019-08-11 14:49:58
69.162.68.54	attackbotsspam	Aug 11 06:08:59 [munged] sshd[6383]: Invalid user jmcginley from 69.162.68.54 port 40434 Aug 11 06:08:59 [munged] sshd[6383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.162.68.54	2019-08-11 15:43:53
61.147.57.102	attackbotsspam	Aug 10 03:34:04 iago sshd[16794]: Invalid user admin from 61.147.57.102 Aug 10 03:34:04 iago sshd[16794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.147.57.102 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=61.147.57.102	2019-08-11 15:19:30
123.206.88.24	attackspambots	Aug 11 01:11:35 localhost sshd\[13728\]: Invalid user fx@123 from 123.206.88.24 Aug 11 01:11:35 localhost sshd\[13728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.88.24 Aug 11 01:11:38 localhost sshd\[13728\]: Failed password for invalid user fx@123 from 123.206.88.24 port 49232 ssh2 Aug 11 01:16:21 localhost sshd\[13909\]: Invalid user danb from 123.206.88.24 Aug 11 01:16:21 localhost sshd\[13909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.88.24 ...	2019-08-11 15:01:53
143.208.249.111	attack	failed_logins	2019-08-11 15:31:45
129.144.180.112	attackspambots	Aug 11 00:04:42 mail1 sshd\[24516\]: Invalid user amandabackup from 129.144.180.112 port 44938 Aug 11 00:04:42 mail1 sshd\[24516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.144.180.112 Aug 11 00:04:44 mail1 sshd\[24516\]: Failed password for invalid user amandabackup from 129.144.180.112 port 44938 ssh2 Aug 11 00:19:54 mail1 sshd\[31399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.144.180.112 user=root Aug 11 00:19:56 mail1 sshd\[31399\]: Failed password for root from 129.144.180.112 port 22052 ssh2 ...	2019-08-11 14:56:46
112.85.42.94	attackbots	Aug 11 02:17:01 ny01 sshd[12815]: Failed password for root from 112.85.42.94 port 34350 ssh2 Aug 11 02:17:04 ny01 sshd[12815]: Failed password for root from 112.85.42.94 port 34350 ssh2 Aug 11 02:17:06 ny01 sshd[12815]: Failed password for root from 112.85.42.94 port 34350 ssh2	2019-08-11 15:18:18

Recently Reported IPs

138.189.9.46	65.124.94.138	46.144.191.181	128.199.164.87
90.196.95.32	180.173.56.43	195.206.107.154	198.63.116.47
3.210.217.44	128.199.154.177	204.168.71.216	87.239.85.169
195.250.65.142	74.248.88.130	201.137.245.64	114.84.243.208
210.28.110.215	122.224.55.130	88.125.245.197	202.248.114.157