81.70.21.113 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	(sshd) Failed SSH login from 81.70.21.113 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:27:23 server sshd[24400]: Invalid user rob from 81.70.21.113 Oct 8 22:27:23 server sshd[24400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 Oct 8 22:27:25 server sshd[24400]: Failed password for invalid user rob from 81.70.21.113 port 41866 ssh2 Oct 8 22:39:59 server sshd[26469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=root Oct 8 22:40:01 server sshd[26469]: Failed password for root from 81.70.21.113 port 39022 ssh2	2020-10-09 05:52:12
attack	Oct 8 11:44:44 db sshd[20064]: User root from 81.70.21.113 not allowed because none of user's groups are listed in AllowGroups ...	2020-10-08 22:09:00
attackspam	Oct 8 04:09:35 marvibiene sshd[21743]: Failed password for root from 81.70.21.113 port 51680 ssh2 Oct 8 04:15:17 marvibiene sshd[22096]: Failed password for root from 81.70.21.113 port 57520 ssh2	2020-10-08 14:03:16
attackspambots	Aug 28 14:23:08 home sshd[2040220]: Invalid user ubuntu from 81.70.21.113 port 57788 Aug 28 14:23:08 home sshd[2040220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 Aug 28 14:23:08 home sshd[2040220]: Invalid user ubuntu from 81.70.21.113 port 57788 Aug 28 14:23:10 home sshd[2040220]: Failed password for invalid user ubuntu from 81.70.21.113 port 57788 ssh2 Aug 28 14:25:21 home sshd[2040972]: Invalid user chn from 81.70.21.113 port 53578 ...	2020-08-28 20:29:39
attackspambots	$f2bV_matches	2020-08-23 15:08:55
attack	Aug 21 03:56:31 *** sshd[3470]: User root from 81.70.21.113 not allowed because not listed in AllowUsers	2020-08-21 14:59:11
attackbotsspam	Aug 10 11:11:40 host sshd[7567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 10 11:11:42 host sshd[7567]: Failed password for r.r from 81.70.21.113 port 40580 ssh2 Aug 10 11:11:43 host sshd[7567]: Received disconnect from 81.70.21.113: 11: Bye Bye [preauth] Aug 10 11:35:20 host sshd[21255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 10 11:35:22 host sshd[21255]: Failed password for r.r from 81.70.21.113 port 39350 ssh2 Aug 10 11:35:23 host sshd[21255]: Received disconnect from 81.70.21.113: 11: Bye Bye [preauth] Aug 10 11:38:19 host sshd[30781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 10 11:38:21 host sshd[30781]: Failed password for r.r from 81.70.21.113 port 52302 ssh2 Aug 10 11:38:22 host sshd[30781]: Received disconnect from 81.70.21.113: 11: Bye Bye [........ -------------------------------	2020-08-15 21:00:16
attackbotsspam	Aug 5 22:44:51 pl3server sshd[23951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 5 22:44:53 pl3server sshd[23951]: Failed password for r.r from 81.70.21.113 port 42222 ssh2 Aug 5 22:44:53 pl3server sshd[23951]: Received disconnect from 81.70.21.113 port 42222:11: Bye Bye [preauth] Aug 5 22:44:53 pl3server sshd[23951]: Disconnected from 81.70.21.113 port 42222 [preauth] Aug 5 22:57:51 pl3server sshd[1619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 5 22:57:52 pl3server sshd[1619]: Failed password for r.r from 81.70.21.113 port 34890 ssh2 Aug 5 22:57:52 pl3server sshd[1619]: Received disconnect from 81.70.21.113 port 34890:11: Bye Bye [preauth] Aug 5 22:57:52 pl3server sshd[1619]: Disconnected from 81.70.21.113 port 34890 [preauth] Aug 5 23:04:13 pl3server sshd[6328]: pam_unix(sshd:auth): authentication failure; logname= ........ -------------------------------	2020-08-08 01:21:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.70.21.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.70.21.113.			IN	A

;; AUTHORITY SECTION:
.			246	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080700 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 01:21:06 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 113.21.70.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 113.21.70.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
73.222.121.141	attackbotsspam	SSH brute force	2020-01-19 13:02:13
43.225.117.222	attack	Jan 19 05:55:59 vps691689 sshd[25264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.117.222 Jan 19 05:56:01 vps691689 sshd[25264]: Failed password for invalid user amano from 43.225.117.222 port 45524 ssh2 ...	2020-01-19 13:08:28
182.61.182.50	attackspam	Unauthorized connection attempt detected from IP address 182.61.182.50 to port 2220 [J]	2020-01-19 09:05:47
212.36.40.221	attackspam	20/1/18@23:58:36: FAIL: Alarm-Network address from=212.36.40.221 ...	2020-01-19 13:14:55
122.228.19.80	attack	unauthorized connection attempt	2020-01-19 13:08:04
81.133.248.217	attackspam	RDP Bruteforce	2020-01-19 13:03:42
185.176.27.250	attackspam	01/19/2020-00:16:35.832573 185.176.27.250 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-19 13:23:05
185.234.219.105	attackbotsspam	Jan 19 04:58:52 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:52 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:52 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:52 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:52 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:53 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:53 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:53 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:53 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105] Jan 19 04:58:53 l02a postfix/smtpd[30094]: lost connection after AUTH from unknown[185.234.219.105]	2020-01-19 13:06:07
197.185.137.28	attackspam	Automatic report - Port Scan Attack	2020-01-19 13:26:57
41.138.220.67	attackbots	Unauthorized connection attempt detected from IP address 41.138.220.67 to port 2220 [J]	2020-01-19 13:20:16
158.101.0.176	attackbots	ssh intrusion attempt	2020-01-19 13:18:51
78.134.99.105	attackbotsspam	Jan 18 23:50:13 ny01 sshd[16160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.134.99.105 Jan 18 23:50:15 ny01 sshd[16160]: Failed password for invalid user test from 78.134.99.105 port 51084 ssh2 Jan 18 23:58:35 ny01 sshd[17569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.134.99.105	2020-01-19 13:15:24
106.54.121.117	attackbots	Jan 19 01:51:15 firewall sshd[18867]: Invalid user teamspeak3 from 106.54.121.117 Jan 19 01:51:17 firewall sshd[18867]: Failed password for invalid user teamspeak3 from 106.54.121.117 port 44066 ssh2 Jan 19 01:58:28 firewall sshd[19060]: Invalid user ed from 106.54.121.117 ...	2020-01-19 13:17:17
54.68.97.15	attack	01/19/2020-05:58:47.187524 54.68.97.15 Protocol: 6 SURICATA TLS invalid record/traffic	2020-01-19 13:11:14
189.142.72.81	attackspambots	Unauthorized connection attempt detected from IP address 189.142.72.81 to port 23 [J]	2020-01-19 09:04:42

Recently Reported IPs

188.159.101.248	207.188.84.69	103.61.255.39	177.184.219.114
163.239.77.25	36.90.154.11	212.156.72.34	14.207.146.233
121.81.237.34	114.5.192.201	171.224.26.137	2.89.120.62
36.112.116.56	134.209.158.21	166.64.213.190	51.103.141.17
113.235.122.185	157.131.251.241	49.205.252.200	37.229.255.192