13.70.7.22 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jun 25 00:43:49 server2 sshd[24571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.7.22 user=r.r Jun 25 00:43:51 server2 sshd[24571]: Failed password for r.r from 13.70.7.22 port 28739 ssh2 Jun 25 00:43:51 server2 sshd[24571]: Received disconnect from 13.70.7.22: 11: Bye Bye [preauth] Jun 25 00:43:54 server2 sshd[24578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.7.22 user=r.r Jun 25 00:43:55 server2 sshd[24578]: Failed password for r.r from 13.70.7.22 port 40277 ssh2 Jun 25 00:43:55 server2 sshd[24578]: Received disconnect from 13.70.7.22: 11: Bye Bye [preauth] Jun 25 00:43:58 server2 sshd[24586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.7.22 user=r.r Jun 25 00:44:00 server2 sshd[24586]: Failed password for r.r from 13.70.7.22 port 48431 ssh2 Jun 25 00:44:00 server2 sshd[24586]: Received disconnect from 13.70.7.22: 1........ -------------------------------	2019-06-26 11:08:04

Type

Details

Datetime

attackspambots

Jun 25 00:43:49 server2 sshd[24571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.7.22  user=r.r
Jun 25 00:43:51 server2 sshd[24571]: Failed password for r.r from 13.70.7.22 port 28739 ssh2
Jun 25 00:43:51 server2 sshd[24571]: Received disconnect from 13.70.7.22: 11: Bye Bye [preauth]
Jun 25 00:43:54 server2 sshd[24578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.7.22  user=r.r
Jun 25 00:43:55 server2 sshd[24578]: Failed password for r.r from 13.70.7.22 port 40277 ssh2
Jun 25 00:43:55 server2 sshd[24578]: Received disconnect from 13.70.7.22: 11: Bye Bye [preauth]
Jun 25 00:43:58 server2 sshd[24586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.70.7.22  user=r.r
Jun 25 00:44:00 server2 sshd[24586]: Failed password for r.r from 13.70.7.22 port 48431 ssh2
Jun 25 00:44:00 server2 sshd[24586]: Received disconnect from 13.70.7.22: 1........
-------------------------------

2019-06-26 11:08:04

Comments on same subnet:

IP	Type	Details	Datetime
13.70.7.172	attackspam	Invalid user ubuntu from 13.70.7.172 port 46452	2019-12-11 01:51:01
13.70.7.172	attack	IP blocked	2019-12-07 14:01:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.70.7.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17233
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.70.7.22.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062502 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 11:07:58 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 22.7.70.13.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 22.7.70.13.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.61.190.81	attackspambots	May 4 00:39:09 lukav-desktop sshd\[29567\]: Invalid user jaimin from 200.61.190.81 May 4 00:39:09 lukav-desktop sshd\[29567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.61.190.81 May 4 00:39:10 lukav-desktop sshd\[29567\]: Failed password for invalid user jaimin from 200.61.190.81 port 45420 ssh2 May 4 00:41:46 lukav-desktop sshd\[32729\]: Invalid user giovanna from 200.61.190.81 May 4 00:41:46 lukav-desktop sshd\[32729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.61.190.81	2020-05-04 06:39:23
106.12.33.119	attackspam	5x Failed Password	2020-05-04 06:36:25
118.25.6.53	attackbotsspam	SSH Invalid Login	2020-05-04 06:36:09
49.232.86.155	attackspam	May 4 00:24:46 markkoudstaal sshd[4858]: Failed password for root from 49.232.86.155 port 35594 ssh2 May 4 00:29:09 markkoudstaal sshd[5752]: Failed password for root from 49.232.86.155 port 60028 ssh2 May 4 00:33:44 markkoudstaal sshd[6592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.86.155	2020-05-04 06:44:20
212.129.41.188	attack	[2020-05-03 18:27:04] NOTICE[1170] chan_sip.c: Registration from '' failed for '212.129.41.188:59408' - Wrong password [2020-05-03 18:27:04] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-03T18:27:04.578-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="695",SessionID="0x7f6c090de118",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.129.41.188/59408",Challenge="73fffe49",ReceivedChallenge="73fffe49",ReceivedHash="b12fd7969f90d9c4572f557b46d692f0" [2020-05-03 18:27:39] NOTICE[1170] chan_sip.c: Registration from '' failed for '212.129.41.188:53936' - Wrong password [2020-05-03 18:27:39] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-03T18:27:39.715-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="719",SessionID="0x7f6c090de118",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.129.41.188 ...	2020-05-04 06:48:14
200.54.170.198	attack	May 3 22:37:44 vpn01 sshd[14843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.170.198 May 3 22:37:46 vpn01 sshd[14843]: Failed password for invalid user elvis from 200.54.170.198 port 42644 ssh2 ...	2020-05-04 07:05:06
183.88.243.82	attackbotsspam	2020-05-0322:36:191jVLLW-0007Ni-H0\<=info@whatsup2013.chH=\(localhost\)[220.164.2.67]:54914P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3141id=2abd0b585378525ac6c375d93ecae0fc77137f@whatsup2013.chT="Youknow\,Isacrificedhappiness"formarcus.a.moses@gmail.commsakoto07@gmail.com2020-05-0322:33:191jVLIc-0007B1-Ih\<=info@whatsup2013.chH=\(localhost\)[123.21.109.83]:38577P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3089id=2ad86e3d361d373fa3a610bc5baf8599eca092@whatsup2013.chT="You'rehandsome"forchhetriraju967@gmail.commtchll_mckenzie@icloud.com2020-05-0322:37:531jVLN1-0007T0-Ke\<=info@whatsup2013.chH=\(localhost\)[183.88.243.82]:32796P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2979id=a03e88dbd0fbd1d94540f65abd49637f991a31@whatsup2013.chT="Neednewfriend\?"forshimmyboy29@yahoo.comdamlogan69@gmail.com2020-05-0322:38:031jVLND-0007UW-5U\<=info@whatsup2013.chH=\(localhost\)[41.2	2020-05-04 06:50:08
122.152.195.84	attackspambots	May 3 20:49:28 124388 sshd[8452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.195.84 May 3 20:49:28 124388 sshd[8452]: Invalid user ramiro from 122.152.195.84 port 59772 May 3 20:49:30 124388 sshd[8452]: Failed password for invalid user ramiro from 122.152.195.84 port 59772 ssh2 May 3 20:51:54 124388 sshd[8467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.195.84 user=root May 3 20:51:57 124388 sshd[8467]: Failed password for root from 122.152.195.84 port 43466 ssh2	2020-05-04 06:40:09
111.229.46.2	attack	May 4 00:51:03 sso sshd[12121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.46.2 May 4 00:51:05 sso sshd[12121]: Failed password for invalid user webftp from 111.229.46.2 port 51424 ssh2 ...	2020-05-04 06:54:09
218.4.87.82	attackbots	Brute forcing RDP port 3389	2020-05-04 06:41:02
121.41.50.32	attackspambots	May 3 22:29:15 ns392434 sshd[15638]: Invalid user eleve from 121.41.50.32 port 7626 May 3 22:29:15 ns392434 sshd[15638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.41.50.32 May 3 22:29:15 ns392434 sshd[15638]: Invalid user eleve from 121.41.50.32 port 7626 May 3 22:29:17 ns392434 sshd[15638]: Failed password for invalid user eleve from 121.41.50.32 port 7626 ssh2 May 3 22:37:36 ns392434 sshd[15810]: Invalid user mqm from 121.41.50.32 port 57809 May 3 22:37:36 ns392434 sshd[15810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.41.50.32 May 3 22:37:36 ns392434 sshd[15810]: Invalid user mqm from 121.41.50.32 port 57809 May 3 22:37:39 ns392434 sshd[15810]: Failed password for invalid user mqm from 121.41.50.32 port 57809 ssh2 May 3 22:38:17 ns392434 sshd[15834]: Invalid user upload1 from 121.41.50.32 port 63595	2020-05-04 06:40:41
122.51.130.21	attack	(sshd) Failed SSH login from 122.51.130.21 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 3 23:28:49 s1 sshd[16961]: Invalid user ubuntu from 122.51.130.21 port 53016 May 3 23:28:51 s1 sshd[16961]: Failed password for invalid user ubuntu from 122.51.130.21 port 53016 ssh2 May 3 23:34:03 s1 sshd[17195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.130.21 user=root May 3 23:34:05 s1 sshd[17195]: Failed password for root from 122.51.130.21 port 60114 ssh2 May 3 23:37:46 s1 sshd[17350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.130.21 user=root	2020-05-04 07:03:16
122.51.77.128	attackspambots	May 3 22:33:24 mail sshd[11827]: Invalid user test from 122.51.77.128 May 3 22:33:24 mail sshd[11827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.77.128 May 3 22:33:24 mail sshd[11827]: Invalid user test from 122.51.77.128 May 3 22:33:26 mail sshd[11827]: Failed password for invalid user test from 122.51.77.128 port 56050 ssh2 May 3 22:42:52 mail sshd[13141]: Invalid user sofia from 122.51.77.128 ...	2020-05-04 06:54:55
49.88.112.112	attackbotsspam	May 3 18:42:49 plusreed sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.112 user=root May 3 18:42:52 plusreed sshd[19158]: Failed password for root from 49.88.112.112 port 35633 ssh2 ...	2020-05-04 06:43:04
82.154.141.56	attackbots	Repeated attempts to deliver spam	2020-05-04 07:14:44

Recently Reported IPs

103.208.96.146	14.190.197.68	35.154.19.93	2600:1f14:b62:9e02:98cd:90b0:3077:68fa
172.24.94.101	42.117.176.164	201.145.221.138	201.141.84.138
128.199.111.176	162.158.155.96	187.17.166.155	202.28.78.25
116.104.92.142	178.184.119.86	35.231.123.62	177.154.72.67
148.251.237.147	91.189.82.74	5.62.39.239	191.53.252.243