138.99.7.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Argentina

Internet Service Provider: AMX Argentina S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 21 14:28:02 localhost sshd\[4429\]: Invalid user testmail1 from 138.99.7.29 Sep 21 14:28:02 localhost sshd\[4429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 Sep 21 14:28:04 localhost sshd\[4429\]: Failed password for invalid user testmail1 from 138.99.7.29 port 56880 ssh2 Sep 21 14:37:33 localhost sshd\[5102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 user=root Sep 21 14:37:36 localhost sshd\[5102\]: Failed password for root from 138.99.7.29 port 39850 ssh2 ...	2020-09-22 01:46:54
attack	2020-09-21 03:31:28,046 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 04:13:22,125 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 05:01:54,220 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 05:42:45,401 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 2020-09-21 10:30:53,148 fail2ban.actions [937]: NOTICE [sshd] Ban 138.99.7.29 ...	2020-09-21 17:30:54
attack	Automatic report - Banned IP Access	2020-08-24 04:40:45
attack	2020-08-11T15:59:35.098926ks3355764 sshd[23602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 user=root 2020-08-11T15:59:37.675376ks3355764 sshd[23602]: Failed password for root from 138.99.7.29 port 58834 ssh2 ...	2020-08-11 23:21:48
attackbots	Port Scan detected from 138.99.7.29 (AR/Argentina/Buenos Aires F.D./Buenos Aires/host29.138-99-7.telmex.net.ar). 4 hits in the last 255 seconds	2020-08-07 06:27:04
attack	Jul 23 06:01:23 h2427292 sshd\[14200\]: Invalid user administrador from 138.99.7.29 Jul 23 06:01:23 h2427292 sshd\[14200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.29 Jul 23 06:01:25 h2427292 sshd\[14200\]: Failed password for invalid user administrador from 138.99.7.29 port 36738 ssh2 ...	2020-07-23 12:05:03

Comments on same subnet:

IP	Type	Details	Datetime
138.99.79.192	attackspam	DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-02 04:31:18
138.99.79.192	attackspambots	DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-01 20:47:39
138.99.79.192	attackspambots	DATE:2020-09-30 22:38:59, IP:138.99.79.192, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-01 12:59:50
138.99.76.14	attackspambots	Automatic report - Port Scan Attack	2020-05-08 20:55:22
138.99.7.54	attackspambots	Apr 9 15:38:06 santamaria sshd\[12892\]: Invalid user data from 138.99.7.54 Apr 9 15:38:06 santamaria sshd\[12892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 Apr 9 15:38:08 santamaria sshd\[12892\]: Failed password for invalid user data from 138.99.7.54 port 55902 ssh2 ...	2020-04-10 03:15:04
138.99.7.54	attackspam	Apr 7 19:32:31 cloud sshd[1753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 Apr 7 19:32:32 cloud sshd[1753]: Failed password for invalid user ubuntu from 138.99.7.54 port 54398 ssh2	2020-04-08 04:43:54
138.99.7.54	attackbots	Apr 2 07:05:32 server1 sshd\[27542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root Apr 2 07:05:34 server1 sshd\[27542\]: Failed password for root from 138.99.7.54 port 46016 ssh2 Apr 2 07:07:41 server1 sshd\[28230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root Apr 2 07:07:43 server1 sshd\[28230\]: Failed password for root from 138.99.7.54 port 45624 ssh2 Apr 2 07:09:53 server1 sshd\[28906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.54 user=root ...	2020-04-02 23:29:47
138.99.7.137	attack	Feb 23 11:39:56 *** sshd[19994]: Invalid user debian-spamd from 138.99.7.137	2020-02-23 20:55:06
138.99.79.231	attackspam	Automatic report - Port Scan Attack	2020-02-18 03:17:45
138.99.7.137	attackspam	Unauthorized connection attempt detected from IP address 138.99.7.137 to port 2220 [J]	2020-01-30 13:25:15
138.99.79.206	attackspambots	Automatic report - Port Scan Attack	2019-12-30 00:52:54
138.99.7.120	attackbots	Aug 2 22:46:07 yabzik sshd[16068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.120 Aug 2 22:46:09 yabzik sshd[16068]: Failed password for invalid user ossama from 138.99.7.120 port 43532 ssh2 Aug 2 22:53:19 yabzik sshd[18227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.120	2019-08-03 04:13:03
138.99.7.2	attack	Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: Invalid user fps from 138.99.7.2 port 47272 Jul 17 23:11:31 MK-Soft-VM7 sshd\[26538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.7.2 Jul 17 23:11:33 MK-Soft-VM7 sshd\[26538\]: Failed password for invalid user fps from 138.99.7.2 port 47272 ssh2 ...	2019-07-18 08:17:06
138.99.7.2	attack	Automatic report - Web App Attack	2019-07-08 11:39:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.7.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.7.29.			IN	A

;; AUTHORITY SECTION:
.			575	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072201 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 23 12:04:57 CST 2020
;; MSG SIZE  rcvd: 115

Host info

29.7.99.138.in-addr.arpa domain name pointer host29.138-99-7.telmex.net.ar.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.7.99.138.in-addr.arpa	name = host29.138-99-7.telmex.net.ar.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.67.193.92	attack	$f2bV_matches	2020-05-07 19:26:45
167.172.153.137	attack	May 7 13:30:37 pkdns2 sshd\[55896\]: Invalid user cp1 from 167.172.153.137May 7 13:30:39 pkdns2 sshd\[55896\]: Failed password for invalid user cp1 from 167.172.153.137 port 34476 ssh2May 7 13:33:42 pkdns2 sshd\[56002\]: Invalid user peter from 167.172.153.137May 7 13:33:44 pkdns2 sshd\[56002\]: Failed password for invalid user peter from 167.172.153.137 port 36226 ssh2May 7 13:36:11 pkdns2 sshd\[56146\]: Failed password for root from 167.172.153.137 port 37960 ssh2May 7 13:38:37 pkdns2 sshd\[56211\]: Invalid user test3 from 167.172.153.137May 7 13:38:38 pkdns2 sshd\[56211\]: Failed password for invalid user test3 from 167.172.153.137 port 39708 ssh2 ...	2020-05-07 19:23:52
187.188.103.16	attack	Icarus honeypot on github	2020-05-07 19:26:14
198.206.243.23	attackbotsspam	May 7 11:10:39 vmd26974 sshd[7143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.206.243.23 May 7 11:10:41 vmd26974 sshd[7143]: Failed password for invalid user ese from 198.206.243.23 port 45192 ssh2 ...	2020-05-07 19:39:46
152.136.22.63	attackbots	May 7 07:59:19 vps46666688 sshd[1717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.22.63 May 7 07:59:21 vps46666688 sshd[1717]: Failed password for invalid user veronica from 152.136.22.63 port 59582 ssh2 ...	2020-05-07 19:08:54
59.63.163.49	attackbotsspam	SSH brute-forcing	2020-05-07 19:18:43
111.231.109.151	attackbots	Fail2Ban Ban Triggered	2020-05-07 19:14:39
104.194.11.42	attackspambots	May 7 13:18:53 debian-2gb-nbg1-2 kernel: \[11109219.070970\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=64586 PROTO=TCP SPT=57105 DPT=55120 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 19:28:35
190.189.150.60	attackbots	port 23	2020-05-07 19:22:27
70.37.65.27	attackbotsspam	Time: Thu May 7 06:17:06 2020 -0300 IP: 70.37.65.27 (US/United States/-) Failures: 20 (WordPressBruteForcePOST) Interval: 3600 seconds Blocked: Permanent Block	2020-05-07 19:34:02
194.31.244.30	attackbotsspam	May 7 10:51:32 debian-2gb-nbg1-2 kernel: \[11100378.108672\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.30 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=23970 PROTO=TCP SPT=44774 DPT=8192 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 19:41:42
161.8.102.115	attackbotsspam	May 7 12:15:44 mout sshd[22577]: Invalid user deploy from 161.8.102.115 port 40630	2020-05-07 19:10:57
189.15.50.44	attackspam	port 23	2020-05-07 19:31:22
177.133.98.115	attackbotsspam	port 23	2020-05-07 19:44:28
192.34.57.113	attackspam	2020-05-07T04:52:36.0055271495-001 sshd[19348]: Failed password for invalid user admin from 192.34.57.113 port 52446 ssh2 2020-05-07T04:56:03.7090951495-001 sshd[19510]: Invalid user bogus from 192.34.57.113 port 33616 2020-05-07T04:56:03.7122731495-001 sshd[19510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=doctorsfundinggroup.com 2020-05-07T04:56:03.7090951495-001 sshd[19510]: Invalid user bogus from 192.34.57.113 port 33616 2020-05-07T04:56:05.1050061495-001 sshd[19510]: Failed password for invalid user bogus from 192.34.57.113 port 33616 ssh2 2020-05-07T04:59:30.6959371495-001 sshd[19666]: Invalid user harshad from 192.34.57.113 port 43032 ...	2020-05-07 19:44:51

Recently Reported IPs

145.241.121.86	2.57.122.187	201.249.207.210	77.246.3.85
139.209.233.233	156.15.156.208	84.135.33.221	76.10.112.63
171.106.138.119	49.102.111.107	94.199.88.64	112.33.158.138
150.60.251.96	223.213.192.166	177.11.250.195	177.44.150.248
222.125.108.110	187.144.232.234	126.110.125.115	186.174.178.81