129.211.80.201

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 23 16:56:18 XXX sshd[62334]: Invalid user vagrant from 129.211.80.201 port 38830	2019-12-24 01:43:15
attackspambots	Dec 14 13:57:13 ArkNodeAT sshd\[11623\]: Invalid user schryburt from 129.211.80.201 Dec 14 13:57:13 ArkNodeAT sshd\[11623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 Dec 14 13:57:15 ArkNodeAT sshd\[11623\]: Failed password for invalid user schryburt from 129.211.80.201 port 32077 ssh2	2019-12-14 21:36:10
attack	$f2bV_matches	2019-12-10 03:02:50
attack	Automatic report - Banned IP Access	2019-11-17 21:42:48
attackbotsspam	2019-11-08T09:39:46.288269shield sshd\[22414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 user=root 2019-11-08T09:39:48.823681shield sshd\[22414\]: Failed password for root from 129.211.80.201 port 43036 ssh2 2019-11-08T09:44:25.255107shield sshd\[23078\]: Invalid user sys from 129.211.80.201 port 23981 2019-11-08T09:44:25.259680shield sshd\[23078\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 2019-11-08T09:44:26.761509shield sshd\[23078\]: Failed password for invalid user sys from 129.211.80.201 port 23981 ssh2	2019-11-08 21:24:08
attackspambots	detected by Fail2Ban	2019-10-25 06:42:16
attack	Invalid user pimp from 129.211.80.201 port 64205	2019-10-24 22:10:51
attack	Automatic report - Banned IP Access	2019-10-22 18:19:08
attackspam	Oct 13 03:26:40 wbs sshd\[17426\]: Invalid user q1w2e3r4 from 129.211.80.201 Oct 13 03:26:40 wbs sshd\[17426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 Oct 13 03:26:42 wbs sshd\[17426\]: Failed password for invalid user q1w2e3r4 from 129.211.80.201 port 25502 ssh2 Oct 13 03:32:19 wbs sshd\[17907\]: Invalid user Backup@2017 from 129.211.80.201 Oct 13 03:32:19 wbs sshd\[17907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201	2019-10-13 21:41:41
attackbots	Oct 2 09:31:36 heissa sshd\[10385\]: Invalid user nina from 129.211.80.201 port 12285 Oct 2 09:31:36 heissa sshd\[10385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 Oct 2 09:31:38 heissa sshd\[10385\]: Failed password for invalid user nina from 129.211.80.201 port 12285 ssh2 Oct 2 09:37:39 heissa sshd\[11263\]: Invalid user charles from 129.211.80.201 port 57191 Oct 2 09:37:39 heissa sshd\[11263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201	2019-10-02 19:26:39
attackspambots	Sep 23 19:24:49 hiderm sshd\[31015\]: Invalid user alpha from 129.211.80.201 Sep 23 19:24:49 hiderm sshd\[31015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 Sep 23 19:24:51 hiderm sshd\[31015\]: Failed password for invalid user alpha from 129.211.80.201 port 24425 ssh2 Sep 23 19:30:06 hiderm sshd\[31489\]: Invalid user terisocks from 129.211.80.201 Sep 23 19:30:06 hiderm sshd\[31489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201	2019-09-24 19:55:00
attack	Sep 22 07:03:13 h2177944 sshd\[3047\]: Invalid user attack from 129.211.80.201 port 29561 Sep 22 07:03:13 h2177944 sshd\[3047\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 Sep 22 07:03:15 h2177944 sshd\[3047\]: Failed password for invalid user attack from 129.211.80.201 port 29561 ssh2 Sep 22 07:08:53 h2177944 sshd\[3197\]: Invalid user salaun from 129.211.80.201 port 14596 ...	2019-09-22 20:01:37
attackbotsspam	Sep 7 03:47:38 localhost sshd\[2459\]: Invalid user 123456789 from 129.211.80.201 port 52991 Sep 7 03:47:38 localhost sshd\[2459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.80.201 Sep 7 03:47:39 localhost sshd\[2459\]: Failed password for invalid user 123456789 from 129.211.80.201 port 52991 ssh2	2019-09-07 14:33:28
attack	Sep 5 22:56:16 dedicated sshd[22589]: Invalid user ftpuser from 129.211.80.201 port 10838	2019-09-06 05:16:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.211.80.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7607
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.211.80.201.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 05:16:09 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 201.80.211.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 201.80.211.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.104.231.2	attackspambots	Failed password for invalid user admin1 from 218.104.231.2 port 52952 ssh2 Invalid user linux from 218.104.231.2 port 49494 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.104.231.2 Failed password for invalid user linux from 218.104.231.2 port 49494 ssh2 Invalid user jboss from 218.104.231.2 port 46261	2020-02-25 09:14:07
200.229.204.134	attackspam	Trying ports that it shouldn't be.	2020-02-25 09:18:51
222.186.30.76	attack	Feb 25 01:59:50 server sshd[567935]: Failed password for root from 222.186.30.76 port 21727 ssh2 Feb 25 01:59:52 server sshd[567935]: Failed password for root from 222.186.30.76 port 21727 ssh2 Feb 25 01:59:55 server sshd[567935]: Failed password for root from 222.186.30.76 port 21727 ssh2	2020-02-25 09:07:23
110.136.112.224	attackspambots	kp-sea2-01 recorded 2 login violations from 110.136.112.224 and was blocked at 2020-02-24 23:30:24. 110.136.112.224 has been blocked on 0 previous occasions. 110.136.112.224's first attempt was recorded at 2020-02-24 23:30:24	2020-02-25 09:22:47
218.92.0.173	attack	SSH-BruteForce	2020-02-25 09:20:46
221.127.49.198	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-25 09:33:22
112.85.42.188	attack	02/24/2020-20:21:19.785623 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-02-25 09:21:28
187.74.208.21	attack	DATE:2020-02-25 01:50:04, IP:187.74.208.21, PORT:ssh SSH brute force auth (docker-dc)	2020-02-25 08:55:14
68.183.124.53	attackspam	suspicious action Mon, 24 Feb 2020 20:23:58 -0300	2020-02-25 09:09:12
59.127.142.58	attackspambots	DATE:2020-02-25 00:23:50, IP:59.127.142.58, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-25 09:20:01
123.30.169.117	attackbots	" "	2020-02-25 08:53:49
106.12.45.32	attackbots	Feb 25 01:39:44 sd-53420 sshd\[481\]: Invalid user debian from 106.12.45.32 Feb 25 01:39:44 sd-53420 sshd\[481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.32 Feb 25 01:39:46 sd-53420 sshd\[481\]: Failed password for invalid user debian from 106.12.45.32 port 36882 ssh2 Feb 25 01:44:37 sd-53420 sshd\[894\]: Invalid user ts3bot from 106.12.45.32 Feb 25 01:44:37 sd-53420 sshd\[894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.32 ...	2020-02-25 08:59:05
47.110.150.235	attackbotsspam	Feb 25 00:00:56 carla sshd[24019]: Invalid user rstudio-server from 47.110.150.235 Feb 25 00:00:56 carla sshd[24019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.110.150.235 Feb 25 00:00:58 carla sshd[24019]: Failed password for invalid user rstudio-server from 47.110.150.235 port 51554 ssh2 Feb 25 00:00:59 carla sshd[24020]: Received disconnect from 47.110.150.235: 11: Bye Bye Feb 25 00:05:00 carla sshd[24098]: Invalid user steve from 47.110.150.235 Feb 25 00:05:00 carla sshd[24098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.110.150.235 Feb 25 00:05:02 carla sshd[24098]: Failed password for invalid user steve from 47.110.150.235 port 42462 ssh2 Feb 25 00:05:03 carla sshd[24099]: Received disconnect from 47.110.150.235: 11: Bye Bye ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=47.110.150.235	2020-02-25 09:13:54
83.227.8.200	attack	Honeypot attack, port: 5555, PTR: ua-83-227-8-200.bbcust.telenor.se.	2020-02-25 08:53:07
209.105.243.145	attackbotsspam	Feb 25 01:36:18 mout sshd[22737]: Invalid user sinusbot from 209.105.243.145 port 43771	2020-02-25 09:03:25

Recently Reported IPs

46.15.228.80	147.16.34.250	193.95.102.6	192.214.23.2
214.140.109.77	185.244.151.136	106.52.187.75	2607:5300:60:6d87::
27.192.103.151	107.155.48.14	83.97.20.174	179.184.134.18
24.207.207.249	123.213.74.132	71.95.68.23	63.143.98.72
178.62.98.196	185.145.127.66	176.10.232.53	54.38.22.27