34.68.180.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Google LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	"Unauthorized connection attempt on SSHD detected"	2020-06-18 05:21:03
attackspambots	2020-06-17T09:48:15.973641vps773228.ovh.net sshd[22611]: Invalid user net from 34.68.180.13 port 56338 2020-06-17T09:48:15.992881vps773228.ovh.net sshd[22611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.180.68.34.bc.googleusercontent.com 2020-06-17T09:48:15.973641vps773228.ovh.net sshd[22611]: Invalid user net from 34.68.180.13 port 56338 2020-06-17T09:48:17.829661vps773228.ovh.net sshd[22611]: Failed password for invalid user net from 34.68.180.13 port 56338 ssh2 2020-06-17T09:51:33.280824vps773228.ovh.net sshd[22669]: Invalid user kafka from 34.68.180.13 port 58304 ...	2020-06-17 15:53:07
attackbots	Failed password for invalid user sara from 34.68.180.13 port 36248 ssh2	2020-06-16 20:13:14

Type

Details

Datetime

attackbots

"Unauthorized connection attempt on SSHD detected"

2020-06-18 05:21:03

attackspambots

2020-06-17T09:48:15.973641vps773228.ovh.net sshd[22611]: Invalid user net from 34.68.180.13 port 56338
2020-06-17T09:48:15.992881vps773228.ovh.net sshd[22611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.180.68.34.bc.googleusercontent.com
2020-06-17T09:48:15.973641vps773228.ovh.net sshd[22611]: Invalid user net from 34.68.180.13 port 56338
2020-06-17T09:48:17.829661vps773228.ovh.net sshd[22611]: Failed password for invalid user net from 34.68.180.13 port 56338 ssh2
2020-06-17T09:51:33.280824vps773228.ovh.net sshd[22669]: Invalid user kafka from 34.68.180.13 port 58304
...

2020-06-17 15:53:07

attackbots

Failed password for invalid user sara from 34.68.180.13 port 36248 ssh2

2020-06-16 20:13:14

Comments on same subnet:

IP	Type	Details	Datetime
34.68.180.110	attackbotsspam	34.68.180.110 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 9 14:31:13 server2 sshd[29899]: Failed password for root from 34.68.180.110 port 60640 ssh2 Oct 9 14:33:18 server2 sshd[32751]: Failed password for root from 202.175.46.170 port 55888 ssh2 Oct 9 14:32:10 server2 sshd[31268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.251 user=root Oct 9 14:33:58 server2 sshd[435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.1.162 user=root Oct 9 14:32:13 server2 sshd[31268]: Failed password for root from 61.133.232.251 port 21113 ssh2 IP Addresses Blocked:	2020-10-10 06:26:51
34.68.180.110	attack	Oct 9 14:48:50 mout sshd[13022]: Invalid user lisa from 34.68.180.110 port 55848 Oct 9 14:48:53 mout sshd[13022]: Failed password for invalid user lisa from 34.68.180.110 port 55848 ssh2	2020-10-09 22:37:37
34.68.180.110	attackbotsspam	SSH login attempts.	2020-10-09 14:28:44
34.68.180.110	attack	Sep 29 20:39:38 localhost sshd\[4104\]: Invalid user tomcat1 from 34.68.180.110 Sep 29 20:39:38 localhost sshd\[4104\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.180.110 Sep 29 20:39:40 localhost sshd\[4104\]: Failed password for invalid user tomcat1 from 34.68.180.110 port 36278 ssh2 Sep 29 20:41:01 localhost sshd\[4276\]: Invalid user service from 34.68.180.110 Sep 29 20:41:01 localhost sshd\[4276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.180.110 ...	2020-09-30 03:32:29
34.68.180.110	attackbotsspam	[ssh] SSH attack	2020-09-29 19:38:01
34.68.180.110	attack	$f2bV_matches	2020-08-26 03:01:36
34.68.180.110	attackspam	detected by Fail2Ban	2020-08-25 18:26:02
34.68.180.110	attackspam	prod8 ...	2020-08-23 02:03:11
34.68.180.110	attackspambots	sshd jail - ssh hack attempt	2020-08-22 05:35:39
34.68.180.110	attack	Aug 19 17:08:20 ns392434 sshd[27937]: Invalid user cyber from 34.68.180.110 port 54272 Aug 19 17:08:20 ns392434 sshd[27937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.180.110 Aug 19 17:08:20 ns392434 sshd[27937]: Invalid user cyber from 34.68.180.110 port 54272 Aug 19 17:08:22 ns392434 sshd[27937]: Failed password for invalid user cyber from 34.68.180.110 port 54272 ssh2 Aug 19 17:17:40 ns392434 sshd[28180]: Invalid user ts3 from 34.68.180.110 port 60026 Aug 19 17:17:40 ns392434 sshd[28180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.180.110 Aug 19 17:17:40 ns392434 sshd[28180]: Invalid user ts3 from 34.68.180.110 port 60026 Aug 19 17:17:42 ns392434 sshd[28180]: Failed password for invalid user ts3 from 34.68.180.110 port 60026 ssh2 Aug 19 17:20:10 ns392434 sshd[28239]: Invalid user ubuntu from 34.68.180.110 port 44288	2020-08-20 00:21:33
34.68.180.110	attack	Aug 17 00:56:09 NPSTNNYC01T sshd[7882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.180.110 Aug 17 00:56:11 NPSTNNYC01T sshd[7882]: Failed password for invalid user test from 34.68.180.110 port 55936 ssh2 Aug 17 01:00:03 NPSTNNYC01T sshd[8156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.180.110 ...	2020-08-17 18:42:48
34.68.180.110	attack	Aug 11 07:42:40 piServer sshd[12413]: Failed password for root from 34.68.180.110 port 35972 ssh2 Aug 11 07:45:19 piServer sshd[12684]: Failed password for root from 34.68.180.110 port 53574 ssh2 ...	2020-08-11 13:56:07
34.68.180.110	attack	" "	2020-08-02 00:24:32
34.68.180.110	attackspam	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-07-25 08:23:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.68.180.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48148
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.68.180.13.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061600 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 16 20:13:06 CST 2020
;; MSG SIZE  rcvd: 116

Host info

13.180.68.34.in-addr.arpa domain name pointer 13.180.68.34.bc.googleusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.180.68.34.in-addr.arpa	name = 13.180.68.34.bc.googleusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.231.93.35	attackbots	Jun 29 20:19:29 sso sshd[18707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.93.35 Jun 29 20:19:31 sso sshd[18707]: Failed password for invalid user soporte from 111.231.93.35 port 55356 ssh2 ...	2020-06-30 03:28:04
185.143.162.223	attackspam	xmlrpc attack	2020-06-30 03:42:05
24.220.27.158	attackbots	Jun 29 21:59:23 www1 sshd\[40731\]: Invalid user admin from 24.220.27.158Jun 29 21:59:25 www1 sshd\[40731\]: Failed password for invalid user admin from 24.220.27.158 port 50449 ssh2Jun 29 21:59:29 www1 sshd\[40736\]: Failed password for root from 24.220.27.158 port 50592 ssh2Jun 29 21:59:31 www1 sshd\[40738\]: Invalid user admin from 24.220.27.158Jun 29 21:59:33 www1 sshd\[40738\]: Failed password for invalid user admin from 24.220.27.158 port 50700 ssh2Jun 29 21:59:34 www1 sshd\[40740\]: Invalid user admin from 24.220.27.158 ...	2020-06-30 03:50:06
89.248.162.233	attack	Jun 29 21:12:15 debian-2gb-nbg1-2 kernel: \[15716577.102942\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.162.233 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52557 PROTO=TCP SPT=51889 DPT=13304 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-30 03:13:42
51.178.182.35	attackspambots	Jun 29 12:20:07 NPSTNNYC01T sshd[4422]: Failed password for root from 51.178.182.35 port 48514 ssh2 Jun 29 12:23:15 NPSTNNYC01T sshd[4582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.182.35 Jun 29 12:23:17 NPSTNNYC01T sshd[4582]: Failed password for invalid user adsl from 51.178.182.35 port 47192 ssh2 ...	2020-06-30 03:25:39
88.232.73.200	attackbots	xmlrpc attack	2020-06-30 03:16:51
83.29.168.73	attackspam	Unauthorized connection attempt detected from IP address 83.29.168.73 to port 23	2020-06-30 03:46:54
167.250.217.46	attackspambots	Jun 29 12:56:12 mail.srvfarm.net postfix/smtps/smtpd[780437]: warning: unknown[167.250.217.46]: SASL PLAIN authentication failed: Jun 29 12:56:12 mail.srvfarm.net postfix/smtps/smtpd[780437]: lost connection after AUTH from unknown[167.250.217.46] Jun 29 13:02:28 mail.srvfarm.net postfix/smtps/smtpd[779863]: warning: unknown[167.250.217.46]: SASL PLAIN authentication failed: Jun 29 13:02:28 mail.srvfarm.net postfix/smtps/smtpd[779863]: lost connection after AUTH from unknown[167.250.217.46] Jun 29 13:05:48 mail.srvfarm.net postfix/smtpd[782531]: warning: unknown[167.250.217.46]: SASL PLAIN authentication failed:	2020-06-30 03:30:11
203.98.76.172	attackspambots	2020-06-29T18:32:16.814845hostname sshd[8508]: Failed password for invalid user zz from 203.98.76.172 port 46644 ssh2 ...	2020-06-30 03:50:19
36.80.48.9	attackbotsspam	Jun 29 18:58:52 ns392434 sshd[14066]: Invalid user gs from 36.80.48.9 port 64577 Jun 29 18:58:52 ns392434 sshd[14066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.80.48.9 Jun 29 18:58:52 ns392434 sshd[14066]: Invalid user gs from 36.80.48.9 port 64577 Jun 29 18:58:54 ns392434 sshd[14066]: Failed password for invalid user gs from 36.80.48.9 port 64577 ssh2 Jun 29 19:02:02 ns392434 sshd[14137]: Invalid user ftptest from 36.80.48.9 port 11745 Jun 29 19:02:02 ns392434 sshd[14137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.80.48.9 Jun 29 19:02:02 ns392434 sshd[14137]: Invalid user ftptest from 36.80.48.9 port 11745 Jun 29 19:02:04 ns392434 sshd[14137]: Failed password for invalid user ftptest from 36.80.48.9 port 11745 ssh2 Jun 29 19:05:17 ns392434 sshd[14182]: Invalid user daniel from 36.80.48.9 port 22049	2020-06-30 03:40:54
193.194.96.141	attackspam	Telnetd brute force attack detected by fail2ban	2020-06-30 03:33:51
139.59.129.45	attackbotsspam	Jun 29 15:30:39 rush sshd[19089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.129.45 Jun 29 15:30:41 rush sshd[19089]: Failed password for invalid user yingqiu from 139.59.129.45 port 38496 ssh2 Jun 29 15:33:28 rush sshd[19140]: Failed password for root from 139.59.129.45 port 47834 ssh2 ...	2020-06-30 03:50:48
92.118.203.145	attack	xmlrpc attack	2020-06-30 03:24:59
187.189.105.10	attackbots	1593428766 - 06/29/2020 13:06:06 Host: 187.189.105.10/187.189.105.10 Port: 445 TCP Blocked	2020-06-30 03:49:18
203.123.107.19	attackbotsspam	Invalid user admin from 203.123.107.19 port 54197	2020-06-30 03:36:19

Recently Reported IPs

228.143.40.104	162.244.118.86	177.5.43.196	10.0.23.144
112.220.29.100	52.148.209.177	59.127.19.206	45.167.152.86
67.207.91.254	36.102.3.34	211.251.246.185	167.71.71.220
26.16.196.9	1.220.90.53	115.214.234.246	168.228.198.50
110.137.177.79	167.71.7.191	122.176.113.243	152.44.111.19