138.99.7.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Argentina

Internet Service Provider: AMX Argentina S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: Invalid user fps from 138.99.7.2 port 47272 Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.2 Jul 17 23:11:33 MK-Soft-VM7 sshd\[26538\]: Failed password for invalid user fps from 138.99.7.2 port 47272 ssh2 ...	2019-07-18 08:17:06
attack	Automatic report - Web App Attack	2019-07-08 11:39:17

Type

Details

Datetime

attack

Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: Invalid user fps from 138.99.7.2 port 47272
Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.2
Jul 17 23:11:33 MK-Soft-VM7 sshd\[26538\]: Failed password for invalid user fps from 138.99.7.2 port 47272 ssh2
...

2019-07-18 08:17:06

attack

Automatic report - Web App Attack

2019-07-08 11:39:17

Comments on same subnet:

IP	Type	Details	Datetime
138.99.79.192	attackspam	DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-02 04:31:18
138.99.79.192	attackspambots	DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-01 20:47:39
138.99.79.192	attackspambots	DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-01 12:59:50
138.99.7.29	attack	Sep 21 14:28:02 localhost sshd\[4429\]: Invalid user testmail1 from 138.99.7.29 Sep 21 14:28:02 localhost sshd\[4429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 Sep 21 14:28:04 localhost sshd\[4429\]: Failed password for invalid user testmail1 from 138.99.7.29 port 56880 ssh2 Sep 21 14:37:33 localhost sshd\[5102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 user=root Sep 21 14:37:36 localhost sshd\[5102\]: Failed password for root from 138.99.7.29 port 39850 ssh2 ...	2020-09-22 01:46:54
138.99.7.29	attack	2020-09-21 03:31:28,046 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 04:13:22,125 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 05:01:54,220 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 05:42:45,401 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 10:30:53,148 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 ...	2020-09-21 17:30:54
138.99.7.29	attack	Automatic report - Banned IP Access	2020-08-24 04:40:45
138.99.7.29	attack	2020-08-11T15:59:35.098926ks3355764 sshd[23602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 user=root 2020-08-11T15:59:37.675376ks3355764 sshd[23602]: Failed password for root from 138.99.7.29 port 58834 ssh2 ...	2020-08-11 23:21:48
138.99.7.29	attackbots	Port Scan detected from 138.99.7.29 (AR/Argentina/Buenos Aires F.D./Buenos Aires/host29.138-99-7.telmex.net.ar). 4 hits in the last 255 seconds	2020-08-07 06:27:04
138.99.7.29	attack	Jul 23 06:01:23 h2427292 sshd\[14200\]: Invalid user administrador from 138.99.7.29 Jul 23 06:01:23 h2427292 sshd\[14200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 Jul 23 06:01:25 h2427292 sshd\[14200\]: Failed password for invalid user administrador from 138.99.7.29 port 36738 ssh2 ...	2020-07-23 12:05:03
138.99.76.14	attackspambots	Automatic report - Port Scan Attack	2020-05-08 20:55:22
138.99.7.54	attackspambots	Apr 9 15:38:06 santamaria sshd\[12892\]: Invalid user data from 138.99.7.54 Apr 9 15:38:06 santamaria sshd\[12892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 Apr 9 15:38:08 santamaria sshd\[12892\]: Failed password for invalid user data from 138.99.7.54 port 55902 ssh2 ...	2020-04-10 03:15:04
138.99.7.54	attackspam	Apr 7 19:32:31 cloud sshd[1753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 Apr 7 19:32:32 cloud sshd[1753]: Failed password for invalid user ubuntu from 138.99.7.54 port 54398 ssh2	2020-04-08 04:43:54
138.99.7.54	attackbots	Apr 2 07:05:32 server1 sshd\[27542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root Apr 2 07:05:34 server1 sshd\[27542\]: Failed password for root from 138.99.7.54 port 46016 ssh2 Apr 2 07:07:41 server1 sshd\[28230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root Apr 2 07:07:43 server1 sshd\[28230\]: Failed password for root from 138.99.7.54 port 45624 ssh2 Apr 2 07:09:53 server1 sshd\[28906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root ...	2020-04-02 23:29:47
138.99.7.137	attack	Feb 23 11:39:56 *** sshd[19994]: Invalid user debian-spamd from 138.99.7.137	2020-02-23 20:55:06
138.99.79.231	attackspam	Automatic report - Port Scan Attack	2020-02-18 03:17:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.7.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13151
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.7.2.			IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 11:39:08 CST 2019
;; MSG SIZE  rcvd: 114

Host info

2.7.99.138.in-addr.arpa domain name pointer host2.138-99-7.telmex.net.ar.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.7.99.138.in-addr.arpa	name = host2.138-99-7.telmex.net.ar.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.42.96.25	attackspambots	Automatic report - Port Scan Attack	2020-04-30 15:51:00
222.186.15.62	attackspam	2020-04-30T09:52:10.266854centos sshd[19990]: Failed password for root from 222.186.15.62 port 59696 ssh2 2020-04-30T09:52:14.593389centos sshd[19990]: Failed password for root from 222.186.15.62 port 59696 ssh2 2020-04-30T09:52:18.841673centos sshd[19990]: Failed password for root from 222.186.15.62 port 59696 ssh2 ...	2020-04-30 15:55:40
183.89.215.67	attack	Dovecot Invalid User Login Attempt.	2020-04-30 16:10:28
188.6.161.77	attackspam	Apr 30 09:39:56 OPSO sshd\[25641\]: Invalid user centos from 188.6.161.77 port 39823 Apr 30 09:39:56 OPSO sshd\[25641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.6.161.77 Apr 30 09:39:58 OPSO sshd\[25641\]: Failed password for invalid user centos from 188.6.161.77 port 39823 ssh2 Apr 30 09:41:17 OPSO sshd\[26029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.6.161.77 user=root Apr 30 09:41:19 OPSO sshd\[26029\]: Failed password for root from 188.6.161.77 port 49479 ssh2	2020-04-30 15:56:12
51.15.118.15	attack	Invalid user test from 51.15.118.15 port 56232	2020-04-30 16:23:26
144.138.73.101	attackspambots	Invalid user test from 144.138.73.101 port 53922	2020-04-30 15:56:29
182.149.104.154	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-30 15:56:50
222.186.30.167	attackbotsspam	Apr 30 10:10:26 vps sshd[82056]: Failed password for root from 222.186.30.167 port 13231 ssh2 Apr 30 10:10:29 vps sshd[82056]: Failed password for root from 222.186.30.167 port 13231 ssh2 Apr 30 10:10:30 vps sshd[82565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Apr 30 10:10:33 vps sshd[82565]: Failed password for root from 222.186.30.167 port 32616 ssh2 Apr 30 10:10:35 vps sshd[82565]: Failed password for root from 222.186.30.167 port 32616 ssh2 ...	2020-04-30 16:13:53
129.211.184.31	attackspambots	Invalid user l4d2 from 129.211.184.31 port 39440	2020-04-30 15:48:46
157.230.151.241	attackbots	SSH/22 MH Probe, BF, Hack -	2020-04-30 15:44:41
89.218.78.226	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-30 15:52:43
64.227.54.28	attack	Invalid user wp from 64.227.54.28 port 37784	2020-04-30 16:09:17
104.131.55.236	attackspambots	Apr 30 03:08:02 lanister sshd[4833]: Invalid user ckc from 104.131.55.236 Apr 30 03:08:02 lanister sshd[4833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.55.236 Apr 30 03:08:02 lanister sshd[4833]: Invalid user ckc from 104.131.55.236 Apr 30 03:08:04 lanister sshd[4833]: Failed password for invalid user ckc from 104.131.55.236 port 47360 ssh2	2020-04-30 15:52:19
49.82.182.203	attack	Brute force blocker - service: proftpd1, proftpd2 - aantal: 44 - Fri Jun 15 07:30:18 2018	2020-04-30 16:07:14
182.119.163.151	attack	Brute force blocker - service: proftpd1, proftpd2 - aantal: 52 - Fri Jun 15 03:50:18 2018	2020-04-30 16:15:21

Recently Reported IPs

89.80.252.168	249.147.194.92	45.59.69.138	46.165.175.36
241.236.185.170	213.86.166.23	41.230.4.69	212.46.162.109
191.75.19.88	82.102.21.213	247.206.47.145	238.63.78.211
49.231.232.27	198.92.215.129	188.190.221.33	57.66.33.20
92.57.186.157	103.91.204.172	67.175.113.97	104.168.149.238