129.211.72.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	16100/tcp 27370/tcp 9148/tcp... [2020-06-23/08-13]7pkt,7pt.(tcp)	2020-08-13 16:08:42
attack	$f2bV_matches	2020-08-08 16:34:54
attackspambots	Invalid user yixin from 129.211.72.48 port 35328	2020-08-02 15:45:23
attackspam	Invalid user git from 129.211.72.48 port 50576	2020-06-20 16:33:52
attack	2020-06-17T05:41:26.543252shield sshd\[15701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 user=root 2020-06-17T05:41:28.711769shield sshd\[15701\]: Failed password for root from 129.211.72.48 port 33008 ssh2 2020-06-17T05:45:12.771978shield sshd\[16397\]: Invalid user liyuan from 129.211.72.48 port 47972 2020-06-17T05:45:12.775720shield sshd\[16397\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 2020-06-17T05:45:14.969371shield sshd\[16397\]: Failed password for invalid user liyuan from 129.211.72.48 port 47972 ssh2	2020-06-17 15:46:40
attackbotsspam	Jun 4 09:06:40 hosting sshd[6836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 user=root Jun 4 09:06:42 hosting sshd[6836]: Failed password for root from 129.211.72.48 port 55578 ssh2 ...	2020-06-04 18:17:58
attackbotsspam	Jun 1 08:17:22 odroid64 sshd\[26272\]: User root from 129.211.72.48 not allowed because not listed in AllowUsers Jun 1 08:17:22 odroid64 sshd\[26272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 user=root ...	2020-06-01 18:09:09
attackspam	SSH login attempts.	2020-05-05 21:23:36
attackbots	May 4 08:18:22 ns382633 sshd\[1003\]: Invalid user user1 from 129.211.72.48 port 43258 May 4 08:18:22 ns382633 sshd\[1003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 May 4 08:18:24 ns382633 sshd\[1003\]: Failed password for invalid user user1 from 129.211.72.48 port 43258 ssh2 May 4 08:27:21 ns382633 sshd\[2935\]: Invalid user uftp from 129.211.72.48 port 41740 May 4 08:27:21 ns382633 sshd\[2935\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48	2020-05-04 15:32:46
attackbots	Apr 25 08:35:34 srv01 sshd[18061]: Invalid user azureuser from 129.211.72.48 port 45424 Apr 25 08:35:34 srv01 sshd[18061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 Apr 25 08:35:34 srv01 sshd[18061]: Invalid user azureuser from 129.211.72.48 port 45424 Apr 25 08:35:36 srv01 sshd[18061]: Failed password for invalid user azureuser from 129.211.72.48 port 45424 ssh2 Apr 25 08:39:21 srv01 sshd[18462]: Invalid user mana from 129.211.72.48 port 58244 ...	2020-04-25 14:42:46

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.211.72.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.211.72.48.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 14:42:41 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 48.72.211.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.72.211.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.77.230.125	attackspambots	$f2bV_matches	2019-12-05 23:27:34
54.37.154.254	attack	Dec 5 15:58:45 sd-53420 sshd\[1434\]: Invalid user burdette from 54.37.154.254 Dec 5 15:58:45 sd-53420 sshd\[1434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.154.254 Dec 5 15:58:46 sd-53420 sshd\[1434\]: Failed password for invalid user burdette from 54.37.154.254 port 45002 ssh2 Dec 5 16:04:14 sd-53420 sshd\[2390\]: Invalid user sync1 from 54.37.154.254 Dec 5 16:04:14 sd-53420 sshd\[2390\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.154.254 ...	2019-12-05 23:11:24
42.242.73.253	attackbotsspam	FTP Brute Force	2019-12-05 22:58:02
37.59.51.51	attack	5x Failed Password	2019-12-05 23:08:01
49.247.214.67	attack	Lines containing failures of 49.247.214.67 Dec 3 18:56:52 zabbix sshd[73959]: Invalid user engen from 49.247.214.67 port 60520 Dec 3 18:56:52 zabbix sshd[73959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.214.67 Dec 3 18:56:53 zabbix sshd[73959]: Failed password for invalid user engen from 49.247.214.67 port 60520 ssh2 Dec 3 18:56:54 zabbix sshd[73959]: Received disconnect from 49.247.214.67 port 60520:11: Bye Bye [preauth] Dec 3 18:56:54 zabbix sshd[73959]: Disconnected from invalid user engen 49.247.214.67 port 60520 [preauth] Dec 3 19:08:15 zabbix sshd[75146]: Invalid user izalan from 49.247.214.67 port 49754 Dec 3 19:08:15 zabbix sshd[75146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.214.67 Dec 3 19:08:16 zabbix sshd[75146]: Failed password for invalid user izalan from 49.247.214.67 port 49754 ssh2 Dec 3 19:08:16 zabbix sshd[75146]: Received disconnect fr........ ------------------------------	2019-12-05 22:53:55
93.138.98.113	attackbotsspam	(sshd) Failed SSH login from 93.138.98.113 (HR/Croatia/93-138-98-113.adsl.net.t-com.hr): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Dec 5 15:17:35 elude sshd[4325]: Did not receive identification string from 93.138.98.113 port 33382 Dec 5 15:30:35 elude sshd[6236]: Invalid user admin from 93.138.98.113 port 36562 Dec 5 15:30:37 elude sshd[6236]: Failed password for invalid user admin from 93.138.98.113 port 36562 ssh2 Dec 5 15:36:07 elude sshd[7022]: Invalid user ubuntu from 93.138.98.113 port 38078 Dec 5 15:36:09 elude sshd[7022]: Failed password for invalid user ubuntu from 93.138.98.113 port 38078 ssh2	2019-12-05 22:55:29
220.165.149.46	attackspambots	firewall-block, port(s): 23/tcp	2019-12-05 23:30:31
202.123.177.18	attack	Dec 5 16:04:13 ns41 sshd[20355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.123.177.18	2019-12-05 23:13:05
45.125.66.181	attack	2019-12-05 dovecot_login authenticator failed for $User$ \[45.125.66.181\]: 535 Incorrect authentication data $set_id=username12@REMOVED.REMOVED$ 2019-12-05 dovecot_login authenticator failed for $User$ \[45.125.66.181\]: 535 Incorrect authentication data $set_id=username12@REMOVED.REMOVED$ 2019-12-05 dovecot_login authenticator failed for $User$ \[45.125.66.181\]: 535 Incorrect authentication data $set_id=username12@REMOVED.REMOVED$	2019-12-05 23:12:21
23.254.225.191	attackspam	2019-12-05 09:05:01 H=(0289abc2.gpstrackr.icu) [23.254.225.191]:37182 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-12-05 09:05:01 H=(02947c79.gpstrackr.icu) [23.254.225.191]:36221 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-12-05 09:05:01 H=(028ad8db.gpstrackr.icu) [23.254.225.191]:39165 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-12-05 09:05:01 H=(028b6dbf.gpstrackr.icu) [23.254.225.191]:41319 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in t ...	2019-12-05 23:08:20
89.185.206.236	attack	TCP Port Scanning	2019-12-05 22:47:15
170.210.214.50	attackspam	Dec 5 11:36:27 vmanager6029 sshd\[13985\]: Invalid user janice from 170.210.214.50 port 59396 Dec 5 11:36:27 vmanager6029 sshd\[13985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.214.50 Dec 5 11:36:28 vmanager6029 sshd\[13985\]: Failed password for invalid user janice from 170.210.214.50 port 59396 ssh2	2019-12-05 22:46:45
124.156.116.72	attackbots	2019-12-05T15:14:39.732310abusebot-3.cloudsearch.cf sshd\[24011\]: Invalid user saundercook from 124.156.116.72 port 42934	2019-12-05 23:19:39
37.49.230.29	attackspam	\[2019-12-05 10:03:19\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-05T10:03:19.553-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00012810441975359003",SessionID="0x7f26c51e62b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.29/52861",ACLName="no_extension_match" \[2019-12-05 10:03:44\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-05T10:03:44.942-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00013810441975359003",SessionID="0x7f26c4fc9888",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.29/50856",ACLName="no_extension_match" \[2019-12-05 10:04:09\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-05T10:04:09.710-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00016810441975359003",SessionID="0x7f26c4f72618",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.29/64329",ACL	2019-12-05 23:18:25
175.139.243.82	attackspambots	Dec 5 13:46:58 server sshd\[25756\]: Invalid user kenji from 175.139.243.82 Dec 5 13:46:58 server sshd\[25756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.243.82 Dec 5 13:47:00 server sshd\[25756\]: Failed password for invalid user kenji from 175.139.243.82 port 26004 ssh2 Dec 5 13:56:29 server sshd\[28403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.243.82 user=root Dec 5 13:56:31 server sshd\[28403\]: Failed password for root from 175.139.243.82 port 44478 ssh2 ...	2019-12-05 23:00:03

Recently Reported IPs

194.31.244.14	27.50.131.212	46.20.69.17	176.103.56.220
45.248.70.109	173.249.17.19	122.114.170.130	167.172.184.1
124.13.252.63	167.172.126.45	209.141.50.185	209.97.134.47
121.141.75.184	36.91.151.2	156.90.171.24	174.231.195.102
129.204.5.153	88.230.30.113	162.213.251.201	125.132.224.207