104.140.18.111

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: ServerHub

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user admin from 104.140.18.111 port 50061	2020-02-16 09:43:31
attackspambots	Invalid user admin from 104.140.18.111 port 50061	2020-02-16 05:59:09

Comments on same subnet:

IP	Type	Details	Datetime
104.140.188.22	attack	TCP (SYN) 104.140.188.22:51771 -> port 23, len 44	2020-10-06 04:32:23
104.140.188.22	attackbots	TCP port : 5900	2020-10-05 20:34:28
104.140.188.22	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 12:24:11
104.140.188.10	attackbotsspam	23/tcp 5432/tcp 5060/tcp... [2020-07-29/09-27]47pkt,8pt.(tcp),1pt.(udp)	2020-09-29 00:18:52
104.140.188.10	attackspam	23/tcp 5432/tcp 5060/tcp... [2020-07-29/09-27]47pkt,8pt.(tcp),1pt.(udp)	2020-09-28 16:21:09
104.140.188.6	attackbots	Tried our host z.	2020-09-28 05:03:38
104.140.188.6	attackbotsspam	1433/tcp 3306/tcp 3389/tcp... [2020-07-27/09-26]32pkt,8pt.(tcp),1pt.(udp)	2020-09-27 21:21:47
104.140.188.6	attack	1433/tcp 3306/tcp 3389/tcp... [2020-07-27/09-26]32pkt,8pt.(tcp),1pt.(udp)	2020-09-27 13:03:33
104.140.188.26	attackbots	Port scan denied	2020-09-24 20:16:38
104.140.188.26	attackbots	TCP (SYN) 104.140.188.26:58205 -> port 3389, len 44	2020-09-24 12:16:53
104.140.188.26	attackspambots	Automatic report - Banned IP Access	2020-09-24 03:45:53
104.140.188.2	attackspambots	Honeypot hit.	2020-09-24 01:45:39
104.140.188.2	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-23 17:51:36
104.140.188.58	attackbots	TCP (SYN) 104.140.188.58:50906 -> port 21, len 44	2020-09-23 02:43:03
104.140.188.58	attackspambots	TCP (SYN) 104.140.188.58:61154 -> port 1433, len 44	2020-09-22 18:48:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.140.18.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32264
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.140.18.111.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021501 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 16 05:59:04 CST 2020
;; MSG SIZE  rcvd: 118

Host info

111.18.140.104.in-addr.arpa domain name pointer first.checkingmails.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
111.18.140.104.in-addr.arpa	name = first.checkingmails.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.237.50.34	attackbots	Invalid user tq from 212.237.50.34 port 54012	2019-10-24 06:39:08
51.79.129.236	attackspambots	SSH-BruteForce	2019-10-24 06:56:14
216.57.226.2	attackspam	Automatic report - XMLRPC Attack	2019-10-24 06:37:42
157.230.248.74	attackspambots	WordPress wp-login brute force :: 157.230.248.74 0.120 BYPASS [24/Oct/2019:09:34:05 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-24 06:57:34
110.77.187.96	attackspam	Oct 23 20:13:26 *** sshd[13259]: Invalid user admin from 110.77.187.96	2019-10-24 07:07:44
222.186.173.215	attackspam	Oct 23 19:47:26 firewall sshd[5531]: Failed password for root from 222.186.173.215 port 55248 ssh2 Oct 23 19:47:26 firewall sshd[5531]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 55248 ssh2 [preauth] Oct 23 19:47:26 firewall sshd[5531]: Disconnecting: Too many authentication failures [preauth] ...	2019-10-24 06:55:47
115.124.124.19	attackspambots	Invalid user applmgr from 115.124.124.19 port 48011	2019-10-24 06:39:38
82.80.179.148	attackbots	port scan and connect, tcp 23 (telnet)	2019-10-24 06:41:55
106.12.36.176	attackspam	Invalid user usuario from 106.12.36.176 port 39614	2019-10-24 06:31:15
37.32.125.58	attackbotsspam	37.32.125.58 has been banned for [spam] ...	2019-10-24 06:35:34
182.140.140.2	attackbots	Oct 23 23:53:06 microserver sshd[17132]: Invalid user ol from 182.140.140.2 port 51762 Oct 23 23:53:06 microserver sshd[17132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.140.2 Oct 23 23:53:08 microserver sshd[17132]: Failed password for invalid user ol from 182.140.140.2 port 51762 ssh2 Oct 23 23:58:20 microserver sshd[17803]: Invalid user admin from 182.140.140.2 port 59748 Oct 23 23:58:20 microserver sshd[17803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.140.2 Oct 24 00:08:42 microserver sshd[20246]: Invalid user storage from 182.140.140.2 port 47486 Oct 24 00:08:42 microserver sshd[20246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.140.2 Oct 24 00:08:44 microserver sshd[20246]: Failed password for invalid user storage from 182.140.140.2 port 47486 ssh2 Oct 24 00:13:49 microserver sshd[20956]: Invalid user un from 182.140.140.2 port 55464 Oct 24 00:	2019-10-24 06:56:34
191.232.196.4	attack	Oct 22 12:49:39 django sshd[120142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.196.4 user=r.r Oct 22 12:49:41 django sshd[120142]: Failed password for r.r from 191.232.196.4 port 50778 ssh2 Oct 22 12:49:41 django sshd[120143]: Received disconnect from 191.232.196.4: 11: Bye Bye Oct 22 13:15:20 django sshd[122255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.196.4 user=r.r Oct 22 13:15:22 django sshd[122255]: Failed password for r.r from 191.232.196.4 port 21839 ssh2 Oct 22 13:15:22 django sshd[122256]: Received disconnect from 191.232.196.4: 11: Bye Bye Oct 22 13:19:50 django sshd[122551]: Invalid user wuxian666 from 191.232.196.4 Oct 22 13:19:50 django sshd[122551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.196.4 Oct 22 13:19:51 django sshd[122551]: Failed password for invalid user wuxian666 from 191.232.196......... -------------------------------	2019-10-24 06:30:00
51.77.220.183	attackbotsspam	Oct 24 00:21:18 tuxlinux sshd[19148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.183 user=root Oct 24 00:21:20 tuxlinux sshd[19148]: Failed password for root from 51.77.220.183 port 34638 ssh2 Oct 24 00:21:18 tuxlinux sshd[19148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.183 user=root Oct 24 00:21:20 tuxlinux sshd[19148]: Failed password for root from 51.77.220.183 port 34638 ssh2 Oct 24 00:29:11 tuxlinux sshd[19255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.183 user=root ...	2019-10-24 06:54:56
122.192.68.239	attackspam	Invalid user modernerp from 122.192.68.239 port 59088	2019-10-24 06:37:15
139.162.72.191	attackspambots	Fail2Ban Ban Triggered	2019-10-24 07:08:28

Recently Reported IPs

116.39.190.166	72.82.9.188	2.75.34.101	60.202.166.23
78.178.113.85	27.201.150.178	129.13.73.255	49.146.47.37
212.51.162.114	115.121.175.148	183.100.55.242	177.193.144.147
176.20.23.151	93.224.77.173	105.40.2.40	118.37.171.81
206.167.3.90	97.183.105.237	126.38.12.84	173.85.114.95