192.3.70.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: ColoCrossing

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
192.3.70.108	attack	191128 9:16:07 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) 191128 9:16:08 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) 191128 9:16:09 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) 191128 9:16:10 \[Warning\] Access denied for user 'mysqldump'@'192.3.70.108' \(using password: YES\) ...	2019-11-29 05:20:02
192.3.70.16	attack	RCE Exploits of Redis Based on Master-Slave Replication to install Xmrig Trojan Miner,	2019-11-16 05:09:32
192.3.70.16	attack	RCE Exploits of Redis Based on Master-Slave Replication to install Xmrig Trojan Miner,	2019-11-16 05:09:32
192.3.70.113	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: 192-3-70-113-host.colocrossing.com.	2019-11-06 18:35:19
192.3.70.122	attackspam	port scan/probe/communication attempt	2019-10-21 03:05:58
192.3.70.136	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: 192-3-70-136-host.colocrossing.com.	2019-10-19 16:54:50
192.3.70.127	attack	Received: from mail0.1200forever.shop (unknown [192.3.70.127])	2019-10-04 20:19:24
192.3.70.16	attackspam	port scan/probe/communication attempt	2019-09-09 08:37:05
192.3.70.143	attackspam	port scan/probe/communication attempt	2019-09-09 08:23:45
192.3.70.16	attack	firewall-block, port(s): 10000/tcp	2019-08-28 04:49:47
192.3.70.147	attack	Caught in portsentry honeypot	2019-08-07 07:24:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.3.70.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9769
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.3.70.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 08:39:20 CST 2019
;; MSG SIZE  rcvd: 116

Host info

104.70.3.192.in-addr.arpa domain name pointer 192-3-70-104-host.colocrossing.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
104.70.3.192.in-addr.arpa	name = 192-3-70-104-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.69.53.155	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 13:08:06
188.128.43.28	attackbots	Feb 18 05:58:03 tuxlinux sshd[24136]: Invalid user prueba from 188.128.43.28 port 42030 Feb 18 05:58:03 tuxlinux sshd[24136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.43.28 Feb 18 05:58:03 tuxlinux sshd[24136]: Invalid user prueba from 188.128.43.28 port 42030 Feb 18 05:58:03 tuxlinux sshd[24136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.43.28 Feb 18 05:58:03 tuxlinux sshd[24136]: Invalid user prueba from 188.128.43.28 port 42030 Feb 18 05:58:03 tuxlinux sshd[24136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.43.28 Feb 18 05:58:05 tuxlinux sshd[24136]: Failed password for invalid user prueba from 188.128.43.28 port 42030 ssh2 ...	2020-02-18 13:29:50
184.105.247.243	attack	" "	2020-02-18 13:14:03
221.160.100.14	attack	Feb 18 04:57:58 l02a sshd[16641]: Invalid user oracle from 221.160.100.14 Feb 18 04:57:58 l02a sshd[16641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Feb 18 04:57:58 l02a sshd[16641]: Invalid user oracle from 221.160.100.14 Feb 18 04:57:59 l02a sshd[16641]: Failed password for invalid user oracle from 221.160.100.14 port 55662 ssh2	2020-02-18 13:35:56
129.226.161.114	attackbots	Feb 18 06:04:50 MK-Soft-VM8 sshd[1410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.161.114 Feb 18 06:04:51 MK-Soft-VM8 sshd[1410]: Failed password for invalid user test1 from 129.226.161.114 port 57578 ssh2 ...	2020-02-18 13:23:54
165.225.106.202	attackbots	1582001888 - 02/18/2020 05:58:08 Host: 165.225.106.202/165.225.106.202 Port: 445 TCP Blocked	2020-02-18 13:28:11
49.69.40.158	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 13:27:36
222.186.30.57	attackbots	2020-02-18T06:24:51.109510scmdmz1 sshd[24364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-02-18T06:24:53.189198scmdmz1 sshd[24364]: Failed password for root from 222.186.30.57 port 18184 ssh2 2020-02-18T06:24:56.336433scmdmz1 sshd[24364]: Failed password for root from 222.186.30.57 port 18184 ssh2 2020-02-18T06:24:51.109510scmdmz1 sshd[24364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-02-18T06:24:53.189198scmdmz1 sshd[24364]: Failed password for root from 222.186.30.57 port 18184 ssh2 2020-02-18T06:24:56.336433scmdmz1 sshd[24364]: Failed password for root from 222.186.30.57 port 18184 ssh2 2020-02-18T06:24:51.109510scmdmz1 sshd[24364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-02-18T06:24:53.189198scmdmz1 sshd[24364]: Failed password for root from 222.186.30.57 port 18184 ssh2 2020-02-1	2020-02-18 13:34:39
180.126.237.135	attackspambots	Unauthorised access (Feb 18) SRC=180.126.237.135 LEN=40 TTL=53 ID=60121 TCP DPT=8080 WINDOW=36713 SYN Unauthorised access (Feb 18) SRC=180.126.237.135 LEN=40 TTL=53 ID=25990 TCP DPT=8080 WINDOW=36713 SYN Unauthorised access (Feb 17) SRC=180.126.237.135 LEN=40 TTL=53 ID=25654 TCP DPT=8080 WINDOW=36713 SYN Unauthorised access (Feb 17) SRC=180.126.237.135 LEN=40 TTL=53 ID=45323 TCP DPT=8080 WINDOW=36713 SYN Unauthorised access (Feb 16) SRC=180.126.237.135 LEN=40 TTL=53 ID=22603 TCP DPT=8080 WINDOW=36713 SYN	2020-02-18 13:21:08
187.19.12.3	attackbots	Automatic report - Port Scan Attack	2020-02-18 13:27:51
118.166.114.175	attackspambots	1582001909 - 02/18/2020 05:58:29 Host: 118.166.114.175/118.166.114.175 Port: 445 TCP Blocked	2020-02-18 13:11:28
222.186.42.136	attackbotsspam	Feb 18 10:42:24 areeb-Workstation sshd[2061]: Failed password for root from 222.186.42.136 port 45462 ssh2 Feb 18 10:42:29 areeb-Workstation sshd[2061]: Failed password for root from 222.186.42.136 port 45462 ssh2 ...	2020-02-18 13:21:46
222.186.180.142	attackspam	Feb 18 06:16:29 MK-Soft-VM6 sshd[31732]: Failed password for root from 222.186.180.142 port 48842 ssh2 Feb 18 06:16:33 MK-Soft-VM6 sshd[31732]: Failed password for root from 222.186.180.142 port 48842 ssh2 ...	2020-02-18 13:17:12
37.203.0.66	attackspam	fell into ViewStateTrap:madrid	2020-02-18 13:38:12
107.189.11.193	attackspambots	Automatically reported by fail2ban report script (powermetal_old)	2020-02-18 13:26:51

Recently Reported IPs

123.27.3.25	179.33.189.150	115.75.177.169	58.186.100.77
202.163.107.253	31.58.200.124	176.204.54.3	248.87.255.12
210.99.198.13	79.101.199.182	229.189.91.125	189.84.194.94
125.160.113.172	206.132.109.91	166.153.73.27	79.142.115.198
37.133.220.87	42.242.208.204	186.61.195.95	186.179.106.36