104.18.1.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.12.94	spambotsattackproxynormal	Ip	2022-05-11 11:40:42
104.18.116.17	attack	14red.com casino spam - casino with very bad reputation Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139)	2019-08-01 05:33:34

Type

Details

Datetime

104.18.12.94

spambotsattackproxynormal

Ip

2022-05-11 11:40:42

104.18.116.17

attack

14red.com casino spam - casino with very bad reputation
Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139)

2019-08-01 05:33:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.1.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58219
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.1.149.			IN	A

;; AUTHORITY SECTION:
.			493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022001 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 21 12:41:48 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 149.1.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.1.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.83.81.65	attack	103.83.81.65 - - [19/Sep/2019:06:57:39 -0400] "GET /cart/checkout.cfm?page=contact999999.1%20union%20select%20unhex(hex(version()))%20--%20and%201%3D1 HTTP/1.1" 200 58168 "-" "-" ...	2019-09-19 19:44:55
117.139.166.203	attackspam	Sep 19 17:11:50 areeb-Workstation sshd[3123]: Failed password for root from 117.139.166.203 port 27526 ssh2 Sep 19 17:18:15 areeb-Workstation sshd[6358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 ...	2019-09-19 19:56:38
14.186.208.88	attack	2019-09-19T11:56:26.834238+01:00 suse sshd[19882]: User root from 14.186.208.88 not allowed because not listed in AllowUsers 2019-09-19T11:56:30.448878+01:00 suse sshd[19882]: error: PAM: Authentication failure for illegal user root from 14.186.208.88 2019-09-19T11:56:26.834238+01:00 suse sshd[19882]: User root from 14.186.208.88 not allowed because not listed in AllowUsers 2019-09-19T11:56:30.448878+01:00 suse sshd[19882]: error: PAM: Authentication failure for illegal user root from 14.186.208.88 2019-09-19T11:56:26.834238+01:00 suse sshd[19882]: User root from 14.186.208.88 not allowed because not listed in AllowUsers 2019-09-19T11:56:30.448878+01:00 suse sshd[19882]: error: PAM: Authentication failure for illegal user root from 14.186.208.88 2019-09-19T11:56:30.450299+01:00 suse sshd[19882]: Failed keyboard-interactive/pam for invalid user root from 14.186.208.88 port 46276 ssh2 ...	2019-09-19 20:11:09
37.59.6.106	attack	Sep 19 10:50:25 ip-172-31-62-245 sshd\[2974\]: Invalid user eugen from 37.59.6.106\ Sep 19 10:50:27 ip-172-31-62-245 sshd\[2974\]: Failed password for invalid user eugen from 37.59.6.106 port 48450 ssh2\ Sep 19 10:54:26 ip-172-31-62-245 sshd\[2992\]: Invalid user tomcat from 37.59.6.106\ Sep 19 10:54:28 ip-172-31-62-245 sshd\[2992\]: Failed password for invalid user tomcat from 37.59.6.106 port 37392 ssh2\ Sep 19 10:58:27 ip-172-31-62-245 sshd\[3013\]: Invalid user bb from 37.59.6.106\	2019-09-19 19:28:30
103.121.117.181	attackspambots	Sep 19 01:45:18 hanapaa sshd\[15967\]: Invalid user student from 103.121.117.181 Sep 19 01:45:18 hanapaa sshd\[15967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.117.181 Sep 19 01:45:19 hanapaa sshd\[15967\]: Failed password for invalid user student from 103.121.117.181 port 51593 ssh2 Sep 19 01:50:56 hanapaa sshd\[16434\]: Invalid user ubuntu from 103.121.117.181 Sep 19 01:50:56 hanapaa sshd\[16434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.117.181	2019-09-19 19:58:34
104.236.52.94	attack	Sep 19 01:19:38 kapalua sshd\[31065\]: Invalid user ubuntu from 104.236.52.94 Sep 19 01:19:38 kapalua sshd\[31065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.52.94 Sep 19 01:19:40 kapalua sshd\[31065\]: Failed password for invalid user ubuntu from 104.236.52.94 port 53746 ssh2 Sep 19 01:24:58 kapalua sshd\[31565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.52.94 user=proxy Sep 19 01:25:00 kapalua sshd\[31565\]: Failed password for proxy from 104.236.52.94 port 42240 ssh2	2019-09-19 19:39:43
192.3.209.173	attack	Sep 19 01:09:08 web9 sshd\[22788\]: Invalid user antonio from 192.3.209.173 Sep 19 01:09:08 web9 sshd\[22788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.209.173 Sep 19 01:09:11 web9 sshd\[22788\]: Failed password for invalid user antonio from 192.3.209.173 port 48158 ssh2 Sep 19 01:13:01 web9 sshd\[23452\]: Invalid user beng from 192.3.209.173 Sep 19 01:13:01 web9 sshd\[23452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.209.173	2019-09-19 19:33:35
5.137.50.226	attackbotsspam	Unauthorized connection attempt from IP address 5.137.50.226 on Port 445(SMB)	2019-09-19 19:35:49
196.20.229.180	attack	Invalid user adminagora from 196.20.229.180 port 35508	2019-09-19 20:04:02
186.159.1.58	attack	2019-09-19 05:57:15 H=(adsl-186-159-1-58.edatel.net.co) [186.159.1.58]:42462 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.11, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-19 05:57:16 H=(adsl-186-159-1-58.edatel.net.co) [186.159.1.58]:42462 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-19 05:57:16 H=(adsl-186-159-1-58.edatel.net.co) [186.159.1.58]:42462 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-09-19 20:07:01
98.4.160.39	attackbots	Sep 19 14:53:38 microserver sshd[14817]: Invalid user lucas from 98.4.160.39 port 44974 Sep 19 14:53:38 microserver sshd[14817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.4.160.39 Sep 19 14:53:40 microserver sshd[14817]: Failed password for invalid user lucas from 98.4.160.39 port 44974 ssh2 Sep 19 14:57:18 microserver sshd[15400]: Invalid user debian from 98.4.160.39 port 57422 Sep 19 14:57:18 microserver sshd[15400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.4.160.39 Sep 19 15:08:19 microserver sshd[16812]: Invalid user admin from 98.4.160.39 port 38360 Sep 19 15:08:19 microserver sshd[16812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.4.160.39 Sep 19 15:08:21 microserver sshd[16812]: Failed password for invalid user admin from 98.4.160.39 port 38360 ssh2 Sep 19 15:12:14 microserver sshd[17421]: Invalid user NetLinx from 98.4.160.39 port 50812 Sep 19 15:12:14 micr	2019-09-19 20:02:44
106.12.202.181	attack	Sep 19 13:49:16 root sshd[24453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.181 Sep 19 13:49:18 root sshd[24453]: Failed password for invalid user hs from 106.12.202.181 port 47958 ssh2 Sep 19 14:09:16 root sshd[24753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.181 ...	2019-09-19 20:10:34
211.159.152.252	attack	Invalid user ky from 211.159.152.252 port 64236	2019-09-19 20:15:01
91.121.164.165	attackbotsspam	[portscan] Port scan	2019-09-19 19:58:57
138.68.27.177	attackbotsspam	Sep 19 07:51:02 vps200512 sshd\[23065\]: Invalid user mwang2 from 138.68.27.177 Sep 19 07:51:02 vps200512 sshd\[23065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.27.177 Sep 19 07:51:04 vps200512 sshd\[23065\]: Failed password for invalid user mwang2 from 138.68.27.177 port 49538 ssh2 Sep 19 07:55:20 vps200512 sshd\[23154\]: Invalid user gerrit from 138.68.27.177 Sep 19 07:55:20 vps200512 sshd\[23154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.27.177	2019-09-19 19:56:03

Recently Reported IPs

104.18.1.154	104.18.1.193	104.18.1.232	104.18.0.55
104.18.1.199	104.18.1.52	104.18.1.236	104.18.1.59
104.18.1.28	104.18.1.7	104.18.1.68	104.18.101.45
104.18.103.45	104.18.104.45	104.18.1.55	104.18.105.45
104.18.102.45	104.18.117.240	104.18.15.25	104.18.15.242