2.138.62.79 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Spain

运营商(isp): Telefonica de Espana Sau

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2.138.62.79 (ES/Spain/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 9 16:48:54 server2 sshd[11285]: Failed password for root from 103.39.217.170 port 35488 ssh2 Oct 9 16:48:52 server2 sshd[11285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.217.170 user=root Oct 9 16:49:06 server2 sshd[11559]: Failed password for root from 2.138.62.79 port 57910 ssh2 Oct 9 16:49:45 server2 sshd[11726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.199.195 user=root Oct 9 16:48:23 server2 sshd[11151]: Failed password for root from 54.160.120.29 port 41034 ssh2 IP Addresses Blocked: 103.39.217.170 (CN/China/-)	2020-10-10 21:36:10
attackspam	Aug 20 18:46:29 plex-server sshd[455792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.138.62.79 Aug 20 18:46:29 plex-server sshd[455792]: Invalid user panther from 2.138.62.79 port 58626 Aug 20 18:46:31 plex-server sshd[455792]: Failed password for invalid user panther from 2.138.62.79 port 58626 ssh2 Aug 20 18:50:00 plex-server sshd[457254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.138.62.79 user=root Aug 20 18:50:02 plex-server sshd[457254]: Failed password for root from 2.138.62.79 port 40035 ssh2 ...	2020-08-21 02:53:04
attack	Jul 31 13:51:44 marvibiene sshd[13240]: Failed password for root from 2.138.62.79 port 50782 ssh2 Jul 31 13:57:03 marvibiene sshd[13453]: Failed password for root from 2.138.62.79 port 59279 ssh2	2020-08-01 02:43:21

类型

评论内容

时间

attack

2.138.62.79 (ES/Spain/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct  9 16:48:54 server2 sshd[11285]: Failed password for root from 103.39.217.170 port 35488 ssh2
Oct  9 16:48:52 server2 sshd[11285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.217.170  user=root
Oct  9 16:49:06 server2 sshd[11559]: Failed password for root from 2.138.62.79 port 57910 ssh2
Oct  9 16:49:45 server2 sshd[11726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.199.195  user=root
Oct  9 16:48:23 server2 sshd[11151]: Failed password for root from 54.160.120.29 port 41034 ssh2

IP Addresses Blocked:

103.39.217.170 (CN/China/-)

2020-10-10 21:36:10

attackspam

Aug 20 18:46:29 plex-server sshd[455792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.138.62.79 
Aug 20 18:46:29 plex-server sshd[455792]: Invalid user panther from 2.138.62.79 port 58626
Aug 20 18:46:31 plex-server sshd[455792]: Failed password for invalid user panther from 2.138.62.79 port 58626 ssh2
Aug 20 18:50:00 plex-server sshd[457254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.138.62.79  user=root
Aug 20 18:50:02 plex-server sshd[457254]: Failed password for root from 2.138.62.79 port 40035 ssh2
...

2020-08-21 02:53:04

attack

Jul 31 13:51:44 marvibiene sshd[13240]: Failed password for root from 2.138.62.79 port 50782 ssh2
Jul 31 13:57:03 marvibiene sshd[13453]: Failed password for root from 2.138.62.79 port 59279 ssh2

2020-08-01 02:43:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.138.62.79
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1904
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.138.62.79.			IN	A

;; AUTHORITY SECTION:
.			465	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073100 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 01 02:43:16 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

79.62.138.2.in-addr.arpa domain name pointer 79.red-2-138-62.dynamicip.rima-tde.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
79.62.138.2.in-addr.arpa	name = 79.red-2-138-62.dynamicip.rima-tde.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
84.54.215.181	attack	Automatic report - Port Scan Attack	2019-12-27 21:32:32
92.46.121.26	attack	firewall-block, port(s): 1433/tcp	2019-12-27 22:02:28
63.81.87.94	attackspam	Dec 27 07:20:06 grey postfix/smtpd\[24134\]: NOQUEUE: reject: RCPT from warehouse.vidyad.com\[63.81.87.94\]: 554 5.7.1 Service unavailable\; Client host \[63.81.87.94\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.81.87.94\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-27 22:05:09
101.200.138.79	attackspam	Port 1433 Scan	2019-12-27 21:57:24
183.89.214.233	attack	Dec 27 07:20:51 vpn01 sshd[9846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.89.214.233 Dec 27 07:20:54 vpn01 sshd[9846]: Failed password for invalid user super from 183.89.214.233 port 59902 ssh2 ...	2019-12-27 21:32:09
14.231.250.58	attack	Dec 27 07:20:31 vpn01 sshd[9807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.250.58 Dec 27 07:20:33 vpn01 sshd[9807]: Failed password for invalid user admin from 14.231.250.58 port 34784 ssh2 ...	2019-12-27 21:44:21
14.248.215.66	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 27-12-2019 06:20:09.	2019-12-27 21:58:28
171.96.102.244	attackspam	firewall-block, port(s): 8080/tcp	2019-12-27 21:54:59
35.185.239.108	attack	Invalid user gdm from 35.185.239.108 port 52344	2019-12-27 21:46:12
222.186.175.183	attackspambots	Dec 27 14:48:47 localhost sshd\[6848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Dec 27 14:48:49 localhost sshd\[6848\]: Failed password for root from 222.186.175.183 port 33256 ssh2 Dec 27 14:48:53 localhost sshd\[6848\]: Failed password for root from 222.186.175.183 port 33256 ssh2	2019-12-27 21:52:23
106.12.92.65	attack	2019-12-27T13:32:59.440333abusebot-7.cloudsearch.cf sshd[21012]: Invalid user host from 106.12.92.65 port 57050 2019-12-27T13:32:59.444307abusebot-7.cloudsearch.cf sshd[21012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 2019-12-27T13:32:59.440333abusebot-7.cloudsearch.cf sshd[21012]: Invalid user host from 106.12.92.65 port 57050 2019-12-27T13:33:01.519270abusebot-7.cloudsearch.cf sshd[21012]: Failed password for invalid user host from 106.12.92.65 port 57050 ssh2 2019-12-27T13:41:47.580350abusebot-7.cloudsearch.cf sshd[21058]: Invalid user cbaintelkam from 106.12.92.65 port 38364 2019-12-27T13:41:47.585571abusebot-7.cloudsearch.cf sshd[21058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 2019-12-27T13:41:47.580350abusebot-7.cloudsearch.cf sshd[21058]: Invalid user cbaintelkam from 106.12.92.65 port 38364 2019-12-27T13:41:49.479683abusebot-7.cloudsearch.cf sshd[21058]: Fail ...	2019-12-27 21:47:16
104.131.189.116	attack	Dec 27 11:42:39 sigma sshd\[12172\]: Invalid user cgn from 104.131.189.116Dec 27 11:42:41 sigma sshd\[12172\]: Failed password for invalid user cgn from 104.131.189.116 port 33606 ssh2 ...	2019-12-27 21:35:42
124.156.55.143	attack	Unauthorized connection attempt detected from IP address 124.156.55.143 to port 1098	2019-12-27 21:41:48
45.95.35.3	attackspambots	Dec 27 07:20:27 exim[16116]: [1\51] 1ikiz4-0004Bw-Dr H=(found.qcside.com) [45.95.35.3] F= rejected after DATA: This message scored 101.1 spam points.	2019-12-27 21:25:35
36.22.177.210	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-12-2019 06:20:10.	2019-12-27 21:57:40

最近上报的IP列表

103.223.13.81	2.236.136.193	1.174.172.39	171.224.39.132
42.194.158.215	195.54.160.65	92.154.38.134	240.98.20.50
181.10.160.158	197.45.252.222	71.82.212.93	41.202.219.69
200.93.38.208	47.29.205.122	85.105.151.34	58.187.107.122
114.26.187.130	89.113.140.183	87.117.59.169	39.244.29.97