129.211.72.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	16100/tcp 27370/tcp 9148/tcp... [2020-06-23/08-13]7pkt,7pt.(tcp)	2020-08-13 16:08:42
attack	$f2bV_matches	2020-08-08 16:34:54
attackspambots	Invalid user yixin from 129.211.72.48 port 35328	2020-08-02 15:45:23
attackspam	Invalid user git from 129.211.72.48 port 50576	2020-06-20 16:33:52
attack	2020-06-17T05:41:26.543252shield sshd\[15701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 user=root 2020-06-17T05:41:28.711769shield sshd\[15701\]: Failed password for root from 129.211.72.48 port 33008 ssh2 2020-06-17T05:45:12.771978shield sshd\[16397\]: Invalid user liyuan from 129.211.72.48 port 47972 2020-06-17T05:45:12.775720shield sshd\[16397\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 2020-06-17T05:45:14.969371shield sshd\[16397\]: Failed password for invalid user liyuan from 129.211.72.48 port 47972 ssh2	2020-06-17 15:46:40
attackbotsspam	Jun 4 09:06:40 hosting sshd[6836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 user=root Jun 4 09:06:42 hosting sshd[6836]: Failed password for root from 129.211.72.48 port 55578 ssh2 ...	2020-06-04 18:17:58
attackbotsspam	Jun 1 08:17:22 odroid64 sshd\[26272\]: User root from 129.211.72.48 not allowed because not listed in AllowUsers Jun 1 08:17:22 odroid64 sshd\[26272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 user=root ...	2020-06-01 18:09:09
attackspam	SSH login attempts.	2020-05-05 21:23:36
attackbots	May 4 08:18:22 ns382633 sshd\[1003\]: Invalid user user1 from 129.211.72.48 port 43258 May 4 08:18:22 ns382633 sshd\[1003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 May 4 08:18:24 ns382633 sshd\[1003\]: Failed password for invalid user user1 from 129.211.72.48 port 43258 ssh2 May 4 08:27:21 ns382633 sshd\[2935\]: Invalid user uftp from 129.211.72.48 port 41740 May 4 08:27:21 ns382633 sshd\[2935\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48	2020-05-04 15:32:46
attackbots	Apr 25 08:35:34 srv01 sshd[18061]: Invalid user azureuser from 129.211.72.48 port 45424 Apr 25 08:35:34 srv01 sshd[18061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.72.48 Apr 25 08:35:34 srv01 sshd[18061]: Invalid user azureuser from 129.211.72.48 port 45424 Apr 25 08:35:36 srv01 sshd[18061]: Failed password for invalid user azureuser from 129.211.72.48 port 45424 ssh2 Apr 25 08:39:21 srv01 sshd[18462]: Invalid user mana from 129.211.72.48 port 58244 ...	2020-04-25 14:42:46

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.211.72.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.211.72.48.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 14:42:41 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 48.72.211.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.72.211.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.99.232	attackbotsspam	Sep 9 21:36:12 hiderm sshd\[18536\]: Invalid user tom from 159.65.99.232 Sep 9 21:36:12 hiderm sshd\[18536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.99.232 Sep 9 21:36:14 hiderm sshd\[18536\]: Failed password for invalid user tom from 159.65.99.232 port 42940 ssh2 Sep 9 21:42:42 hiderm sshd\[19259\]: Invalid user test from 159.65.99.232 Sep 9 21:42:42 hiderm sshd\[19259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.99.232	2019-09-10 15:49:25
116.199.9.238	attack	Sep 10 03:17:52 [munged] sshd[23422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.199.9.238	2019-09-10 15:07:04
1.34.136.15	attackspambots	Sep 10 03:17:31 smtp postfix/smtpd[66611]: NOQUEUE: reject: RCPT from 1-34-136-15.HINET-IP.hinet.net[1.34.136.15]: 554 5.7.1 Service unavailable; Client host [1.34.136.15] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?1.34.136.15; from= to= proto=ESMTP helo= ...	2019-09-10 15:23:39
178.176.60.196	attack	Sep 10 07:38:04 hb sshd\[3470\]: Invalid user ubuntu from 178.176.60.196 Sep 10 07:38:04 hb sshd\[3470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.176.60.196 Sep 10 07:38:05 hb sshd\[3470\]: Failed password for invalid user ubuntu from 178.176.60.196 port 56900 ssh2 Sep 10 07:44:04 hb sshd\[3964\]: Invalid user bot from 178.176.60.196 Sep 10 07:44:04 hb sshd\[3964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.176.60.196	2019-09-10 15:46:22
218.98.40.149	attackbotsspam	Sep 10 09:07:49 v22019058497090703 sshd[14233]: Failed password for root from 218.98.40.149 port 13392 ssh2 Sep 10 09:07:51 v22019058497090703 sshd[14233]: Failed password for root from 218.98.40.149 port 13392 ssh2 Sep 10 09:07:53 v22019058497090703 sshd[14233]: Failed password for root from 218.98.40.149 port 13392 ssh2 ...	2019-09-10 15:32:57
123.108.35.186	attackspam	Sep 10 05:20:27 MainVPS sshd[21873]: Invalid user oracle123 from 123.108.35.186 port 50750 Sep 10 05:20:27 MainVPS sshd[21873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.35.186 Sep 10 05:20:27 MainVPS sshd[21873]: Invalid user oracle123 from 123.108.35.186 port 50750 Sep 10 05:20:29 MainVPS sshd[21873]: Failed password for invalid user oracle123 from 123.108.35.186 port 50750 ssh2 Sep 10 05:26:55 MainVPS sshd[22362]: Invalid user webcam123 from 123.108.35.186 port 56490 ...	2019-09-10 15:25:25
103.92.30.33	attack	103.92.30.33 - - [10/Sep/2019:06:00:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:00:59 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.92.30.33 - - [10/Sep/2019:06:01:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-10 15:12:49
189.211.111.99	attack	Sep 10 03:17:21 herz-der-gamer sshd[10319]: Invalid user deploy from 189.211.111.99 port 50196 Sep 10 03:17:21 herz-der-gamer sshd[10319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.211.111.99 Sep 10 03:17:21 herz-der-gamer sshd[10319]: Invalid user deploy from 189.211.111.99 port 50196 Sep 10 03:17:23 herz-der-gamer sshd[10319]: Failed password for invalid user deploy from 189.211.111.99 port 50196 ssh2 ...	2019-09-10 15:35:34
222.186.15.101	attack	2019-09-10T09:08:28.952406centos sshd\[17817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.101 user=root 2019-09-10T09:08:30.870804centos sshd\[17817\]: Failed password for root from 222.186.15.101 port 43024 ssh2 2019-09-10T09:08:32.808945centos sshd\[17817\]: Failed password for root from 222.186.15.101 port 43024 ssh2	2019-09-10 15:14:56
180.127.79.248	attackbots	[Aegis] @ 2019-09-10 02:17:41 0100 -> Sendmail rejected message.	2019-09-10 15:09:41
58.218.56.120	attackspambots	09/10/2019-02:26:11.937945 58.218.56.120 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-10 15:38:03
134.209.159.216	attack	134.209.159.216 - - [09/Sep/2019:12:48:55 +0200] "POST /wp-login.php HTTP/1.1" 403 1598 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 738c1222f7697b4b06d4ae98ecda33d0 United States US Massachusetts Mansfield 134.209.159.216 - - [10/Sep/2019:03:17:31 +0200] "POST /wp-login.php HTTP/1.1" 403 1613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" c8ed3871ac52be044f58f9b204a790df United States US Massachusetts Mansfield	2019-09-10 15:24:20
67.205.135.127	attack	Sep 10 06:36:22 MK-Soft-VM6 sshd\[17656\]: Invalid user test123 from 67.205.135.127 port 52972 Sep 10 06:36:22 MK-Soft-VM6 sshd\[17656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.127 Sep 10 06:36:25 MK-Soft-VM6 sshd\[17656\]: Failed password for invalid user test123 from 67.205.135.127 port 52972 ssh2 ...	2019-09-10 15:24:55
200.60.99.146	attackbotsspam	SPF Fail sender not permitted to send mail for @0sg.net / Mail sent to address hacked/leaked from Last.fm	2019-09-10 15:28:52
51.75.23.242	attackspambots	2019-09-10T06:46:18.732775abusebot-8.cloudsearch.cf sshd\[22195\]: Invalid user deployer from 51.75.23.242 port 50150	2019-09-10 15:10:04

Recently Reported IPs

194.31.244.14	27.50.131.212	46.20.69.17	176.103.56.220
45.248.70.109	173.249.17.19	122.114.170.130	167.172.184.1
124.13.252.63	167.172.126.45	209.141.50.185	209.97.134.47
121.141.75.184	36.91.151.2	156.90.171.24	174.231.195.102
129.204.5.153	88.230.30.113	162.213.251.201	125.132.224.207