City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 13.70.20.99 | attack | $f2bV_matches |
2020-09-25 09:45:14 |
| 13.70.2.105 | attack | Lines containing failures of 13.70.2.105 Sep 23 18:22:58 shared12 sshd[3668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.105 user=r.r Sep 23 18:22:58 shared12 sshd[3670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.105 user=r.r Sep 23 18:23:00 shared12 sshd[3668]: Failed password for r.r from 13.70.2.105 port 41099 ssh2 Sep 23 18:23:00 shared12 sshd[3668]: Received disconnect from 13.70.2.105 port 41099:11: Client disconnecting normally [preauth] Sep 23 18:23:00 shared12 sshd[3668]: Disconnected from authenticating user r.r 13.70.2.105 port 41099 [preauth] Sep 23 18:23:00 shared12 sshd[3670]: Failed password for r.r from 13.70.2.105 port 41188 ssh2 Sep 23 18:23:01 shared12 sshd[3670]: Received disconnect from 13.70.2.105 port 41188:11: Client disconnecting normally [preauth] Sep 23 18:23:01 shared12 sshd[3670]: Disconnected from authenticating user r.r 13.70.2.105 p........ ------------------------------ |
2020-09-24 20:33:58 |
| 13.70.2.105 | attackbots | Sep 23 20:20:45 prox sshd[22194]: Failed password for root from 13.70.2.105 port 10689 ssh2 |
2020-09-24 12:31:04 |
| 13.70.2.105 | attack | " " |
2020-09-24 04:01:02 |
| 13.70.20.99 | attack | Unauthorized connection attempt detected from IP address 13.70.20.99 to port 1433 [T] |
2020-07-22 04:06:49 |
| 13.70.20.99 | attackspam | Jul 16 00:17:58 *hidden* sshd[22619]: Failed password for *hidden* from 13.70.20.99 port 32569 ssh2 Jul 16 08:20:49 *hidden* sshd[686]: Failed password for *hidden* from 13.70.20.99 port 65422 ssh2 Jul 16 18:35:00 *hidden* sshd[29914]: Failed password for *hidden* from 13.70.20.99 port 32030 ssh2 |
2020-07-17 00:52:50 |
| 13.70.2.48 | attackspam | Jul 15 12:56:07 marvibiene sshd[37770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.48 Jul 15 12:56:07 marvibiene sshd[37770]: Invalid user der from 13.70.2.48 port 59187 Jul 15 12:56:09 marvibiene sshd[37770]: Failed password for invalid user der from 13.70.2.48 port 59187 ssh2 Jul 15 12:56:07 marvibiene sshd[37771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.48 Jul 15 12:56:07 marvibiene sshd[37771]: Invalid user herz from 13.70.2.48 port 59186 Jul 15 12:56:09 marvibiene sshd[37771]: Failed password for invalid user herz from 13.70.2.48 port 59186 ssh2 Jul 15 12:56:07 marvibiene sshd[37773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.48 Jul 15 12:56:07 marvibiene sshd[37773]: Invalid user herz-der-gamer.de from 13.70.2.48 port 59189 Jul 15 12:56:09 marvibiene sshd[37773]: Failed password for invalid user herz-der-gamer.de from 13.70.2.48 port 59189 ssh |
2020-07-16 01:27:34 |
| 13.70.20.99 | attack | Jul 15 14:44:07 buvik sshd[8517]: Invalid user kaptiva.no from 13.70.20.99 Jul 15 14:44:07 buvik sshd[8518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.20.99 Jul 15 14:44:09 buvik sshd[8518]: Failed password for invalid user kaptiva from 13.70.20.99 port 62070 ssh2 ... |
2020-07-15 20:44:37 |
| 13.70.20.99 | attackbots | " " |
2020-06-30 03:00:46 |
| 13.70.2.48 | attackbotsspam | 302. On Jun 26 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 13.70.2.48. |
2020-06-27 06:20:58 |
| 13.70.2.48 | attackbots | Lines containing failures of 13.70.2.48 Jun 24 17:22:28 shared10 sshd[14030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.48 user=r.r Jun 24 17:22:29 shared10 sshd[14034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.2.48 user=r.r Jun 24 17:22:31 shared10 sshd[14030]: Failed password for r.r from 13.70.2.48 port 20487 ssh2 Jun 24 17:22:31 shared10 sshd[14034]: Failed password for r.r from 13.70.2.48 port 20586 ssh2 Jun 24 17:22:31 shared10 sshd[14030]: Received disconnect from 13.70.2.48 port 20487:11: Client disconnecting normally [preauth] Jun 24 17:22:31 shared10 sshd[14030]: Disconnected from authenticating user r.r 13.70.2.48 port 20487 [preauth] Jun 24 17:22:31 shared10 sshd[14034]: Received disconnect from 13.70.2.48 port 20586:11: Client disconnecting normally [preauth] Jun 24 17:22:31 shared10 sshd[14034]: Disconnected from authenticating user r.r 13.70.2.48 po........ ------------------------------ |
2020-06-25 23:52:45 |
| 13.70.2.48 | attackbots | $f2bV_matches | Triggered by Fail2Ban at Vostok web server |
2020-06-25 20:25:09 |
| 13.70.20.99 | attack | Jun 25 08:11:25 vpn01 sshd[11301]: Failed password for root from 13.70.20.99 port 4031 ssh2 ... |
2020-06-25 15:39:13 |
| 13.70.200.89 | attackspambots | Mar 27 22:16:29 debian-2gb-nbg1-2 kernel: \[7602859.068628\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=13.70.200.89 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=61111 PROTO=TCP SPT=43758 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-28 07:29:39 |
| 13.70.25.246 | attackspambots | Multiple failed RDP login attempts |
2019-10-30 20:19:40 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.70.2.236
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21434
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;13.70.2.236. IN A
;; AUTHORITY SECTION:
. 550 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400
;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 12:10:52 CST 2022
;; MSG SIZE rcvd: 104
Host 236.2.70.13.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 236.2.70.13.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 82.117.163.210 | attackspam | 2020-04-29T15:02:56.990515sd-86998 sshd[6923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns2.nts.su user=root 2020-04-29T15:02:58.561467sd-86998 sshd[6923]: Failed password for root from 82.117.163.210 port 44601 ssh2 2020-04-29T15:07:50.567176sd-86998 sshd[7294]: Invalid user gerald from 82.117.163.210 port 50679 2020-04-29T15:07:50.569570sd-86998 sshd[7294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns2.nts.su 2020-04-29T15:07:50.567176sd-86998 sshd[7294]: Invalid user gerald from 82.117.163.210 port 50679 2020-04-29T15:07:53.168950sd-86998 sshd[7294]: Failed password for invalid user gerald from 82.117.163.210 port 50679 ssh2 ... |
2020-04-29 21:51:28 |
| 217.182.68.93 | attackbotsspam | Apr 29 14:03:05 nextcloud sshd\[25176\]: Invalid user madan from 217.182.68.93 Apr 29 14:03:05 nextcloud sshd\[25176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.68.93 Apr 29 14:03:07 nextcloud sshd\[25176\]: Failed password for invalid user madan from 217.182.68.93 port 55678 ssh2 |
2020-04-29 21:35:06 |
| 148.70.125.42 | attackspam | Failed password for root from 148.70.125.42 port 58820 ssh2 |
2020-04-29 22:08:56 |
| 134.122.73.4 | attackspambots | Lines containing failures of 134.122.73.4 Apr 29 07:40:38 box sshd[12990]: Did not receive identification string from 134.122.73.4 port 44256 Apr 29 07:41:56 box sshd[12991]: Did not receive identification string from 134.122.73.4 port 46478 Apr 29 07:42:42 box sshd[12994]: Invalid user ftpuser from 134.122.73.4 port 33056 Apr 29 07:42:42 box sshd[12994]: Received disconnect from 134.122.73.4 port 33056:11: Normal Shutdown, Thank you for playing [preauth] Apr 29 07:42:42 box sshd[12994]: Disconnected from invalid user ftpuser 134.122.73.4 port 33056 [preauth] Apr 29 07:43:25 box sshd[13007]: Invalid user ghostname from 134.122.73.4 port 47626 Apr 29 07:43:25 box sshd[13007]: Received disconnect from 134.122.73.4 port 47626:11: Normal Shutdown, Thank you for playing [preauth] Apr 29 07:43:25 box sshd[13007]: Disconnected from invalid user ghostname 134.122.73.4 port 47626 [preauth] Apr 29 07:44:09 box sshd[13010]: Invalid user oracle from 134.122.73.4 port 33966 Apr 29 07........ ------------------------------ |
2020-04-29 22:00:38 |
| 94.177.163.134 | attackbotsspam | [Aegis] @ 2019-07-26 00:56:53 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2020-04-29 21:57:15 |
| 115.112.64.250 | attackbotsspam | Unauthorized connection attempt from IP address 115.112.64.250 on Port 445(SMB) |
2020-04-29 22:05:31 |
| 190.128.171.250 | attack | Apr 29 20:40:21 webhost01 sshd[16290]: Failed password for root from 190.128.171.250 port 58830 ssh2 Apr 29 20:44:54 webhost01 sshd[16350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.171.250 ... |
2020-04-29 22:14:04 |
| 67.205.171.223 | attackbots | 2020-04-29T08:39:34.737923sorsha.thespaminator.com sshd[28465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.171.223 user=root 2020-04-29T08:39:36.840124sorsha.thespaminator.com sshd[28465]: Failed password for root from 67.205.171.223 port 54762 ssh2 ... |
2020-04-29 21:45:33 |
| 106.12.55.131 | attackspambots | $f2bV_matches |
2020-04-29 21:40:48 |
| 47.97.96.252 | attack | Apr 29 13:18:37 www6-3 sshd[16106]: Invalid user md from 47.97.96.252 port 44488 Apr 29 13:18:37 www6-3 sshd[16106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.97.96.252 Apr 29 13:18:38 www6-3 sshd[16106]: Failed password for invalid user md from 47.97.96.252 port 44488 ssh2 Apr 29 13:18:38 www6-3 sshd[16106]: Received disconnect from 47.97.96.252 port 44488:11: Bye Bye [preauth] Apr 29 13:18:38 www6-3 sshd[16106]: Disconnected from 47.97.96.252 port 44488 [preauth] Apr 29 13:47:22 www6-3 sshd[18533]: Connection closed by 47.97.96.252 port 51898 [preauth] Apr 29 13:48:49 www6-3 sshd[18597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.97.96.252 user=r.r Apr 29 13:48:50 www6-3 sshd[18597]: Failed password for r.r from 47.97.96.252 port 38944 ssh2 Apr 29 13:48:51 www6-3 sshd[18597]: Received disconnect from 47.97.96.252 port 38944:11: Bye Bye [preauth] Apr 29 13:48:51 www6-3 ssh........ ------------------------------- |
2020-04-29 22:16:11 |
| 115.159.51.239 | attackspambots | Apr 29 15:26:43 OPSO sshd\[21646\]: Invalid user miguel from 115.159.51.239 port 40928 Apr 29 15:26:43 OPSO sshd\[21646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.51.239 Apr 29 15:26:46 OPSO sshd\[21646\]: Failed password for invalid user miguel from 115.159.51.239 port 40928 ssh2 Apr 29 15:32:22 OPSO sshd\[22654\]: Invalid user ruby from 115.159.51.239 port 41182 Apr 29 15:32:22 OPSO sshd\[22654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.51.239 |
2020-04-29 22:11:58 |
| 14.177.239.168 | attackspam | 2020-04-29T14:21:25.288235v220200467592115444 sshd[29416]: Invalid user fernando from 14.177.239.168 port 51843 2020-04-29T14:21:25.295295v220200467592115444 sshd[29416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.177.239.168 2020-04-29T14:21:25.288235v220200467592115444 sshd[29416]: Invalid user fernando from 14.177.239.168 port 51843 2020-04-29T14:21:27.561510v220200467592115444 sshd[29416]: Failed password for invalid user fernando from 14.177.239.168 port 51843 ssh2 2020-04-29T14:26:22.760161v220200467592115444 sshd[29597]: Invalid user norberto from 14.177.239.168 port 37049 ... |
2020-04-29 22:02:27 |
| 220.231.180.131 | attackspam | 2020-04-29T08:44:10.0497681495-001 sshd[21004]: Invalid user externe from 220.231.180.131 port 46736 2020-04-29T08:44:12.0465581495-001 sshd[21004]: Failed password for invalid user externe from 220.231.180.131 port 46736 ssh2 2020-04-29T08:47:37.1315341495-001 sshd[21203]: Invalid user ftpuser from 220.231.180.131 port 58276 2020-04-29T08:47:37.1353261495-001 sshd[21203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.231.180.131 2020-04-29T08:47:37.1315341495-001 sshd[21203]: Invalid user ftpuser from 220.231.180.131 port 58276 2020-04-29T08:47:38.5450531495-001 sshd[21203]: Failed password for invalid user ftpuser from 220.231.180.131 port 58276 ssh2 ... |
2020-04-29 21:34:51 |
| 222.186.175.148 | attackspambots | Apr 29 15:21:50 pve1 sshd[376]: Failed password for root from 222.186.175.148 port 56560 ssh2 Apr 29 15:21:54 pve1 sshd[376]: Failed password for root from 222.186.175.148 port 56560 ssh2 ... |
2020-04-29 21:34:31 |
| 91.121.91.82 | attackspam | Apr 29 15:45:54 server sshd[21520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.91.82 Apr 29 15:45:56 server sshd[21520]: Failed password for invalid user qweasdzxc from 91.121.91.82 port 59098 ssh2 Apr 29 15:48:39 server sshd[21756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.91.82 ... |
2020-04-29 22:01:34 |