104.18.1.221 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.12.94	spambotsattackproxynormal	Ip	2022-05-11 11:40:42
104.18.116.17	attack	14red.com casino spam - casino with very bad reputation Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139)	2019-08-01 05:33:34

Type

Details

Datetime

104.18.12.94

spambotsattackproxynormal

Ip

2022-05-11 11:40:42

104.18.116.17

attack

14red.com casino spam - casino with very bad reputation
Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139)

2019-08-01 05:33:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.1.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.1.221.			IN	A

;; AUTHORITY SECTION:
.			480	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 13:49:29 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 221.1.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.1.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.91.3.146	attackbotsspam	Jun 13 22:51:41 mail.srvfarm.net postfix/smtps/smtpd[1294951]: warning: unknown[189.91.3.146]: SASL PLAIN authentication failed: Jun 13 22:51:41 mail.srvfarm.net postfix/smtps/smtpd[1294951]: lost connection after AUTH from unknown[189.91.3.146] Jun 13 22:56:37 mail.srvfarm.net postfix/smtpd[1295677]: warning: unknown[189.91.3.146]: SASL PLAIN authentication failed: Jun 13 22:56:37 mail.srvfarm.net postfix/smtpd[1295677]: lost connection after AUTH from unknown[189.91.3.146] Jun 13 22:58:52 mail.srvfarm.net postfix/smtpd[1296188]: warning: unknown[189.91.3.146]: SASL PLAIN authentication failed:	2020-06-14 08:33:57
185.140.243.49	attackspambots	Jun 13 22:36:46 mail.srvfarm.net postfix/smtpd[1287058]: warning: unknown[185.140.243.49]: SASL PLAIN authentication failed: Jun 13 22:36:46 mail.srvfarm.net postfix/smtpd[1287058]: lost connection after AUTH from unknown[185.140.243.49] Jun 13 22:38:52 mail.srvfarm.net postfix/smtpd[1286878]: warning: unknown[185.140.243.49]: SASL PLAIN authentication failed: Jun 13 22:38:52 mail.srvfarm.net postfix/smtpd[1286878]: lost connection after AUTH from unknown[185.140.243.49] Jun 13 22:46:10 mail.srvfarm.net postfix/smtps/smtpd[1288539]: warning: unknown[185.140.243.49]: SASL PLAIN authentication failed:	2020-06-14 08:34:26
222.186.173.215	attack	Jun 14 02:40:39 eventyay sshd[23502]: Failed password for root from 222.186.173.215 port 63698 ssh2 Jun 14 02:40:51 eventyay sshd[23502]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 63698 ssh2 [preauth] Jun 14 02:41:04 eventyay sshd[23505]: Failed password for root from 222.186.173.215 port 58626 ssh2 ...	2020-06-14 08:45:22
178.128.88.244	attackspam	srv02 Mass scanning activity detected Target: 3737 ..	2020-06-14 08:20:52
179.26.153.219	attackspam	1592082353 - 06/13/2020 23:05:53 Host: 179.26.153.219/179.26.153.219 Port: 445 TCP Blocked	2020-06-14 08:24:02
45.141.84.40	attackspambots	IP: 45.141.84.40 Ports affected Simple Mail Transfer (25) HTTP protocol over TLS/SSL (443) Message Submission (587) IMAP over TLS protocol (993) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS206728 Media Land LLC Russia (RU) CIDR 45.141.84.0/24 Log Date: 13/06/2020 8:35:51 PM UTC	2020-06-14 08:49:01
164.132.70.22	attackbotsspam	SSH Invalid Login	2020-06-14 08:24:20
222.186.30.167	attack	Jun 14 02:50:09 v22018053744266470 sshd[9104]: Failed password for root from 222.186.30.167 port 51751 ssh2 Jun 14 02:50:18 v22018053744266470 sshd[9115]: Failed password for root from 222.186.30.167 port 35093 ssh2 ...	2020-06-14 08:52:14
154.85.37.20	attack	Jun 13 23:05:40 django-0 sshd\[8480\]: Invalid user ovo from 154.85.37.20Jun 13 23:05:42 django-0 sshd\[8480\]: Failed password for invalid user ovo from 154.85.37.20 port 33814 ssh2Jun 13 23:12:18 django-0 sshd\[8703\]: Invalid user uj from 154.85.37.20 ...	2020-06-14 08:52:55
193.27.228.131	attackspam	Port scan on 21 port(s): 54052 54087 54134 54137 54139 54203 54236 54237 54280 54356 54366 54386 54413 54456 54508 54513 54609 54616 54719 54732 54921	2020-06-14 08:23:34
45.89.174.46	attack	[2020-06-13 20:30:24] NOTICE[1273] chan_sip.c: Registration from '' failed for '45.89.174.46:64406' - Wrong password [2020-06-13 20:30:24] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T20:30:24.072-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6459",SessionID="0x7f31c0311868",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.89.174.46/64406",Challenge="6e6b311c",ReceivedChallenge="6e6b311c",ReceivedHash="ff25d3255165897261df1e2c02d9b3fc" [2020-06-13 20:31:13] NOTICE[1273] chan_sip.c: Registration from '' failed for '45.89.174.46:59690' - Wrong password [2020-06-13 20:31:13] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T20:31:13.384-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3295",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.89.174.46/596 ...	2020-06-14 08:51:29
223.197.125.10	attackbotsspam	SSH brute-force: detected 18 distinct username(s) / 27 distinct password(s) within a 24-hour window.	2020-06-14 08:22:44
91.247.233.91	attackspam	Automatic report - Banned IP Access	2020-06-14 08:18:15
167.86.108.141	attackbotsspam	Jun 13 15:09:22 nxxxxxxx0 sshd[26436]: Did not receive identification string from 167.86.108.141 Jun 13 15:10:19 nxxxxxxx0 sshd[26537]: Invalid user soundcode from 167.86.108.141 Jun 13 15:10:20 nxxxxxxx0 sshd[26539]: Invalid user aerospike from 167.86.108.141 Jun 13 15:10:21 nxxxxxxx0 sshd[26537]: Failed password for invalid user soundcode from 167.86.108.141 port 52762 ssh2 Jun 13 15:10:21 nxxxxxxx0 sshd[26537]: Received disconnect from 167.86.108.141: 11: Normal Shutdown, Thank you for playing [preauth] Jun 13 15:10:21 nxxxxxxx0 sshd[26541]: Invalid user oracle from 167.86.108.141 Jun 13 15:10:23 nxxxxxxx0 sshd[26551]: Invalid user lbhome_crawl from 167.86.108.141 Jun 13 15:10:23 nxxxxxxx0 sshd[26539]: Failed password for invalid user aerospike from 167.86.108.141 port 55908 ssh2 Jun 13 15:10:23 nxxxxxxx0 sshd[26539]: Received disconnect from 167.86.108.141: 11: Normal Shutdown, Thank you for playing [preauth] Jun 13 15:10:23 nxxxxxxx0 sshd[26553]: Invalid user noder........ -------------------------------	2020-06-14 08:13:59
217.197.39.215	attackbots	Jun 13 22:46:27 mail.srvfarm.net postfix/smtps/smtpd[1293482]: warning: unknown[217.197.39.215]: SASL PLAIN authentication failed: Jun 13 22:46:27 mail.srvfarm.net postfix/smtps/smtpd[1293482]: lost connection after AUTH from unknown[217.197.39.215] Jun 13 22:47:06 mail.srvfarm.net postfix/smtpd[1294827]: warning: unknown[217.197.39.215]: SASL PLAIN authentication failed: Jun 13 22:47:06 mail.srvfarm.net postfix/smtpd[1294827]: lost connection after AUTH from unknown[217.197.39.215] Jun 13 22:55:50 mail.srvfarm.net postfix/smtpd[1295647]: lost connection after CONNECT from unknown[217.197.39.215]	2020-06-14 08:29:33

Recently Reported IPs

104.18.1.209	104.18.1.224	104.18.1.238	104.18.1.240
104.18.1.241	104.18.1.25	104.18.1.26	104.18.1.48
104.18.1.56	104.18.1.70	104.18.1.73	104.18.1.74
104.18.1.88	104.18.1.9	104.18.1.97	104.18.10.116
104.18.10.120	104.18.10.126	104.18.10.128	104.18.10.139