192.3.70.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: ColoCrossing

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
192.3.70.108	attack	191128 9:16:07 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) 191128 9:16:08 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) 191128 9:16:09 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) 191128 9:16:10 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) ...	2019-11-29 05:20:02
192.3.70.16	attack	RCE Exploits of Redis Based on Master-Slave Replication to install Xmrig Trojan Miner,	2019-11-16 05:09:32
192.3.70.16	attack	RCE Exploits of Redis Based on Master-Slave Replication to install Xmrig Trojan Miner,	2019-11-16 05:09:32
192.3.70.113	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: 192-3-70-113-host.colocrossing.com.	2019-11-06 18:35:19
192.3.70.122	attackspam	port scan/probe/communication attempt	2019-10-21 03:05:58
192.3.70.136	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: 192-3-70-136-host.colocrossing.com.	2019-10-19 16:54:50
192.3.70.127	attack	Received: from mail0.1200forever.shop (unknown [192.3.70.127])	2019-10-04 20:19:24
192.3.70.16	attackspam	port scan/probe/communication attempt	2019-09-09 08:37:05
192.3.70.143	attackspam	port scan/probe/communication attempt	2019-09-09 08:23:45
192.3.70.16	attack	firewall-block, port(s): 10000/tcp	2019-08-28 04:49:47
192.3.70.147	attack	Caught in portsentry honeypot	2019-08-07 07:24:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.3.70.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9769
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.3.70.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 08:39:20 CST 2019
;; MSG SIZE  rcvd: 116

Host info

104.70.3.192.in-addr.arpa domain name pointer 192-3-70-104-host.colocrossing.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
104.70.3.192.in-addr.arpa	name = 192-3-70-104-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.195.222.126	attackbotsspam	(CZ/Czechia/-) SMTP Bruteforcing attempts	2020-06-05 16:48:02
87.246.7.116	attack	Jun 5 17:06:51 web1 postfix/smtpd[22627]: warning: unknown[87.246.7.116]: SASL LOGIN authentication failed: authentication failure Jun 5 17:07:00 web1 postfix/smtpd[22627]: warning: unknown[87.246.7.116]: SASL LOGIN authentication failed: authentication failure Jun 5 17:07:08 web1 postfix/smtpd[22627]: warning: unknown[87.246.7.116]: SASL LOGIN authentication failed: authentication failure Jun 5 17:07:16 web1 postfix/smtpd[22627]: warning: unknown[87.246.7.116]: SASL LOGIN authentication failed: authentication failure Jun 5 17:07:23 web1 postfix/smtpd[22627]: warning: unknown[87.246.7.116]: SASL LOGIN authentication failed: authentication failure ...	2020-06-05 16:51:09
101.78.229.4	attackspambots	Automatic report BANNED IP	2020-06-05 17:08:56
186.146.1.122	attackspambots	SSH Honeypot -> SSH Bruteforce / Login	2020-06-05 17:21:27
93.174.95.106	attackbots	1591345508 - 06/05/2020 10:25:08 Host: 93.174.95.106/93.174.95.106 Port: 69 UDP Blocked ...	2020-06-05 17:04:17
114.34.46.16	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-06-05 16:54:41
45.55.72.69	attackspam	Brute-force attempt banned	2020-06-05 17:20:57
198.108.67.29	attackspam	Jun 5 09:59:51 debian-2gb-nbg1-2 kernel: \[13602745.708848\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.67.29 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=34 ID=17445 PROTO=TCP SPT=28506 DPT=1521 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-05 17:10:24
222.186.173.226	attackspam	Jun 5 08:42:33 localhost sshd[79423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jun 5 08:42:34 localhost sshd[79423]: Failed password for root from 222.186.173.226 port 25576 ssh2 Jun 5 08:42:39 localhost sshd[79423]: Failed password for root from 222.186.173.226 port 25576 ssh2 Jun 5 08:42:33 localhost sshd[79423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jun 5 08:42:34 localhost sshd[79423]: Failed password for root from 222.186.173.226 port 25576 ssh2 Jun 5 08:42:39 localhost sshd[79423]: Failed password for root from 222.186.173.226 port 25576 ssh2 Jun 5 08:42:33 localhost sshd[79423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jun 5 08:42:34 localhost sshd[79423]: Failed password for root from 222.186.173.226 port 25576 ssh2 Jun 5 08:42:39 localhost sshd[79 ...	2020-06-05 16:47:31
212.244.23.8	attackbotsspam	Brute force attempt	2020-06-05 16:53:15
59.120.227.134	attack	Brute-force attempt banned	2020-06-05 16:46:26
129.211.75.184	attackspambots	DATE:2020-06-05 07:28:09, IP:129.211.75.184, PORT:ssh SSH brute force auth (docker-dc)	2020-06-05 17:17:00
188.166.147.211	attackbotsspam	Jun 5 08:05:10 mail sshd[27032]: Failed password for root from 188.166.147.211 port 44342 ssh2 ...	2020-06-05 17:05:17
203.195.167.74	attack	Jun 5 06:52:50 debian kernel: [231732.691179] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=203.195.167.74 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=41984 PROTO=TCP SPT=49050 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-05 16:55:48
203.89.25.42	attackbots	(ID/Indonesia/-) SMTP Bruteforcing attempts	2020-06-05 17:11:01

Recently Reported IPs

123.27.3.25	179.33.189.150	115.75.177.169	58.186.100.77
202.163.107.253	31.58.200.124	176.204.54.3	248.87.255.12
210.99.198.13	79.101.199.182	229.189.91.125	189.84.194.94
125.160.113.172	206.132.109.91	166.153.73.27	79.142.115.198
37.133.220.87	42.242.208.204	186.61.195.95	186.179.106.36