AbuseIPDB » 5.2.70.140

5.2.70.140 was found in our database!

This IP was reported 7,137 times. Confidence of Abuse is 0%: ?

0%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
Domain Name	theinfrastructure.group
Country	Netherlands
City	Alkmaar, Noord-Holland

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 5.2.70.140

Whois 5.2.70.140

IP Abuse Reports for 5.2.70.140:

This IP address has been reported a total of 7,137 times from 831 distinct sources. 5.2.70.140 was first reported on April 19th 2021, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp	Comment	Categories
ThreatBook.io	2023-08-20 22:05:29 (3 months ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/5.2.70.140 20 ... show moreThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/5.2.70.140 2023-08-20 14:50:36 / 2023-08-20 14:50:44 / 2023-08-20 14:50:37 / show less	Web App Attack
el-brujo	2023-08-16 02:48:52 (3 months ago)	08/16/2023-04:48:52.632346 5.2.70.140 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 111	Hacking
oncord	2023-08-12 22:41:03 (3 months ago)	Form spam	Web Spam
QUADEMU Abuse Dpt	2023-08-11 21:33:08 (3 months ago)	Noxious/Nuisible/вредоносный Host.	Hacking Web App Attack
Ba-Yu	2023-08-11 09:03:21 (3 months ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
nationaleventpros.com	2023-08-10 14:48:13 (4 months ago)	web form spam (Nilsimsa: gQAKEARCIAZgAQEACAgFADAAAAACYAAAEAgAAIFMmAA)	Open Proxy Web Spam
oncord	2023-08-08 11:39:50 (4 months ago)	Form spam	Web Spam
ISPLtd	2023-08-07 16:52:22 (4 months ago)	Aug 7 13:52:21 SRC=5.2.70.140 PROTO=TCP SPT=54257 DPT=22 SYN Aug 7 13:52:22 SRC=5.2.70.140 P ... show moreAug 7 13:52:21 SRC=5.2.70.140 PROTO=TCP SPT=54257 DPT=22 SYN Aug 7 13:52:22 SRC=5.2.70.140 PROTO=TCP SPT=54257 DPT=22 SYN ... show less	Port Scan SSH
oncord	2023-08-06 13:29:05 (4 months ago)	Form spam	Web Spam
niceshops.com	2023-08-06 00:00:59 (4 months ago)	Web Attack (Aug 23 02:00:28 ScriptKiddie: request for /wp-login.php )	SQL Injection Brute-Force Bad Web Bot Web App Attack
maxxsense	2023-08-04 01:13:41 (4 months ago)	(wordpress) Failed wordpress login from 5.2.70.140 (NL/Netherlands/-)	Brute-Force
fstap	2023-07-25 22:37:26 (4 months ago)	"GET /.DS_Store HTTP/1.1"	Bad Web Bot Web App Attack
ozisp.com.au	2023-07-25 06:48:42 (4 months ago)	NL_mnt-nl-theinfrastructuregroup-1_<33>1690267720 [1:2522174:5229] ET TOR Known Tor Relay/Router (No ... show moreNL_mnt-nl-theinfrastructuregroup-1_<33>1690267720 [1:2522174:5229] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 175 [Classification: Misc Attack] [Priority: 2] {TCP} 5.2.70.140:24219 show less	Open Proxy
1000grad.com	2023-07-22 15:52:44 (4 months ago)	Jul 22 17:52:34 monitoring sshd[813820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show moreJul 22 17:52:34 monitoring sshd[813820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.2.70.140 user=root Jul 22 17:52:36 monitoring sshd[813820]: Failed password for invalid user root from 5.2.70.140 port 36685 ssh2 Jul 22 17:52:39 monitoring sshd[813820]: Failed password for invalid user root from 5.2.70.140 port 36685 ssh2 Jul 22 17:52:43 monitoring sshd[813820]: Failed password for invalid user root from 5.2.70.140 port 36685 ssh2 Jul 22 17:52:44 monitoring sshd[813820]: error: maximum authentication attempts exceeded for invalid user root from 5.2.70.140 port 36685 ssh2 [preauth] ... show less	Brute-Force SSH
oncord	2023-07-21 22:38:28 (4 months ago)	Form spam	Web Spam

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩