City: unknown
Region: unknown
Country: Argentina
Internet Service Provider: AMX Argentina S.A.
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attack | Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: Invalid user fps from 138.99.7.2 port 47272 Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.2 Jul 17 23:11:33 MK-Soft-VM7 sshd\[26538\]: Failed password for invalid user fps from 138.99.7.2 port 47272 ssh2 ... |
2019-07-18 08:17:06 |
| attack | Automatic report - Web App Attack |
2019-07-08 11:39:17 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.99.79.192 | attackspam | DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-10-02 04:31:18 |
| 138.99.79.192 | attackspambots | DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-10-01 20:47:39 |
| 138.99.79.192 | attackspambots | DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-10-01 12:59:50 |
| 138.99.7.29 | attack | Sep 21 14:28:02 localhost sshd\[4429\]: Invalid user testmail1 from 138.99.7.29 Sep 21 14:28:02 localhost sshd\[4429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 Sep 21 14:28:04 localhost sshd\[4429\]: Failed password for invalid user testmail1 from 138.99.7.29 port 56880 ssh2 Sep 21 14:37:33 localhost sshd\[5102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 user=root Sep 21 14:37:36 localhost sshd\[5102\]: Failed password for root from 138.99.7.29 port 39850 ssh2 ... |
2020-09-22 01:46:54 |
| 138.99.7.29 | attack | 2020-09-21 03:31:28,046 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 04:13:22,125 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 05:01:54,220 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 05:42:45,401 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 10:30:53,148 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 ... |
2020-09-21 17:30:54 |
| 138.99.7.29 | attack | Automatic report - Banned IP Access |
2020-08-24 04:40:45 |
| 138.99.7.29 | attack | 2020-08-11T15:59:35.098926ks3355764 sshd[23602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 user=root 2020-08-11T15:59:37.675376ks3355764 sshd[23602]: Failed password for root from 138.99.7.29 port 58834 ssh2 ... |
2020-08-11 23:21:48 |
| 138.99.7.29 | attackbots | *Port Scan* detected from 138.99.7.29 (AR/Argentina/Buenos Aires F.D./Buenos Aires/host29.138-99-7.telmex.net.ar). 4 hits in the last 255 seconds |
2020-08-07 06:27:04 |
| 138.99.7.29 | attack | Jul 23 06:01:23 h2427292 sshd\[14200\]: Invalid user administrador from 138.99.7.29 Jul 23 06:01:23 h2427292 sshd\[14200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 Jul 23 06:01:25 h2427292 sshd\[14200\]: Failed password for invalid user administrador from 138.99.7.29 port 36738 ssh2 ... |
2020-07-23 12:05:03 |
| 138.99.76.14 | attackspambots | Automatic report - Port Scan Attack |
2020-05-08 20:55:22 |
| 138.99.7.54 | attackspambots | Apr 9 15:38:06 santamaria sshd\[12892\]: Invalid user data from 138.99.7.54 Apr 9 15:38:06 santamaria sshd\[12892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 Apr 9 15:38:08 santamaria sshd\[12892\]: Failed password for invalid user data from 138.99.7.54 port 55902 ssh2 ... |
2020-04-10 03:15:04 |
| 138.99.7.54 | attackspam | Apr 7 19:32:31 cloud sshd[1753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 Apr 7 19:32:32 cloud sshd[1753]: Failed password for invalid user ubuntu from 138.99.7.54 port 54398 ssh2 |
2020-04-08 04:43:54 |
| 138.99.7.54 | attackbots | Apr 2 07:05:32 server1 sshd\[27542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root Apr 2 07:05:34 server1 sshd\[27542\]: Failed password for root from 138.99.7.54 port 46016 ssh2 Apr 2 07:07:41 server1 sshd\[28230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root Apr 2 07:07:43 server1 sshd\[28230\]: Failed password for root from 138.99.7.54 port 45624 ssh2 Apr 2 07:09:53 server1 sshd\[28906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root ... |
2020-04-02 23:29:47 |
| 138.99.7.137 | attack | Feb 23 11:39:56 *** sshd[19994]: Invalid user debian-spamd from 138.99.7.137 |
2020-02-23 20:55:06 |
| 138.99.79.231 | attackspam | Automatic report - Port Scan Attack |
2020-02-18 03:17:45 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.7.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13151
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.7.2. IN A
;; AUTHORITY SECTION:
. 566 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400
;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 11:39:08 CST 2019
;; MSG SIZE rcvd: 114
2.7.99.138.in-addr.arpa domain name pointer host2.138-99-7.telmex.net.ar.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
2.7.99.138.in-addr.arpa name = host2.138-99-7.telmex.net.ar.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.248.45.204 | attackspam | Mar 1 08:26:42 localhost sshd\[11339\]: Invalid user test from 104.248.45.204 port 42554 Mar 1 08:26:42 localhost sshd\[11339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 Mar 1 08:26:44 localhost sshd\[11339\]: Failed password for invalid user test from 104.248.45.204 port 42554 ssh2 |
2020-03-01 15:31:24 |
| 106.12.186.74 | attackspambots | Invalid user ashish from 106.12.186.74 port 53278 |
2020-03-01 15:28:10 |
| 208.110.93.78 | attackbotsspam | 20 attempts against mh-misbehave-ban on pluto |
2020-03-01 15:29:02 |
| 182.48.105.210 | attackbotsspam | proto=tcp . spt=16677 . dpt=993 . src=182.48.105.210 . dst=xx.xx.4.1 . Listed on rbldns-ru also zen-spamhaus and abuseat-org (213) |
2020-03-01 15:24:52 |
| 5.39.29.252 | attackspambots | Feb 29 21:04:22 hanapaa sshd\[13493\]: Invalid user liaohaoran from 5.39.29.252 Feb 29 21:04:22 hanapaa sshd\[13493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip252.ip-5-39-29.eu Feb 29 21:04:24 hanapaa sshd\[13493\]: Failed password for invalid user liaohaoran from 5.39.29.252 port 45018 ssh2 Feb 29 21:11:53 hanapaa sshd\[14160\]: Invalid user userftp from 5.39.29.252 Feb 29 21:11:53 hanapaa sshd\[14160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip252.ip-5-39-29.eu |
2020-03-01 15:13:58 |
| 199.122.113.50 | attackbotsspam | Automatic report - XMLRPC Attack |
2020-03-01 15:30:22 |
| 200.84.160.136 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-01 15:24:25 |
| 168.121.13.239 | attackspam | Automatic report - Port Scan Attack |
2020-03-01 15:40:14 |
| 103.23.207.134 | attackbotsspam | Honeypot attack, port: 445, PTR: 103.23.207-134.mayacyberworld.com. |
2020-03-01 15:06:08 |
| 69.162.109.106 | attackbotsspam | Mar 1 06:26:24 mail kernel: [1867241.580048] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=69.162.109.106 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=235 ID=5935 DF PROTO=TCP SPT=7 DPT=15612 WINDOW=512 RES=0x00 SYN URGP=0 ... |
2020-03-01 15:37:38 |
| 42.117.168.140 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-01 15:42:48 |
| 65.91.52.175 | attackbots | Unauthorized connection attempt from IP address 65.91.52.175 on Port 445(SMB) |
2020-03-01 15:01:32 |
| 192.254.76.6 | attackspambots | Automatic report - XMLRPC Attack |
2020-03-01 15:05:11 |
| 129.211.24.104 | attackspambots | Mar 1 10:01:26 hosting sshd[8680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104 user=admin Mar 1 10:01:28 hosting sshd[8680]: Failed password for admin from 129.211.24.104 port 48856 ssh2 ... |
2020-03-01 15:16:10 |
| 185.153.199.210 | attackspambots | Mar 1 14:00:13 itv-usvr-01 sshd[8454]: Invalid user 0 from 185.153.199.210 Mar 1 14:00:14 itv-usvr-01 sshd[8454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.153.199.210 Mar 1 14:00:13 itv-usvr-01 sshd[8454]: Invalid user 0 from 185.153.199.210 Mar 1 14:00:16 itv-usvr-01 sshd[8454]: Failed password for invalid user 0 from 185.153.199.210 port 7718 ssh2 Mar 1 14:00:24 itv-usvr-01 sshd[8456]: Invalid user 22 from 185.153.199.210 |
2020-03-01 15:03:11 |