104.18.11.166 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.116.17	attack	14red.com casino spam - casino with very bad reputation Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139)	2019-08-01 05:33:34

Type

Details

Datetime

104.18.116.17

attack

14red.com casino spam - casino with very bad reputation
Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139)

2019-08-01 05:33:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.11.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64018
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.11.166.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 13:55:26 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 166.11.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.11.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.131.207.234	attackspam	Apr 10 05:56:27 debian-2gb-nbg1-2 kernel: \[8749996.345499\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=82.131.207.234 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=51 ID=22597 PROTO=TCP SPT=38968 DPT=8089 WINDOW=26563 RES=0x00 SYN URGP=0	2020-04-10 14:34:03
185.220.101.18	attack	Apr 10 05:56:37 pve sshd[32506]: Failed password for root from 185.220.101.18 port 10128 ssh2 Apr 10 05:56:39 pve sshd[32506]: Failed password for root from 185.220.101.18 port 10128 ssh2 Apr 10 05:56:42 pve sshd[32506]: Failed password for root from 185.220.101.18 port 10128 ssh2 Apr 10 05:56:46 pve sshd[32506]: Failed password for root from 185.220.101.18 port 10128 ssh2	2020-04-10 14:18:27
117.48.208.43	attackspambots	Apr 10 05:56:47 haigwepa sshd[11141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.208.43 Apr 10 05:56:49 haigwepa sshd[11141]: Failed password for invalid user oracle from 117.48.208.43 port 52268 ssh2 ...	2020-04-10 14:14:48
185.175.93.23	attackspambots	Apr 10 08:22:50 debian-2gb-nbg1-2 kernel: \[8758779.258275\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.23 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=21094 PROTO=TCP SPT=54647 DPT=5927 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-10 14:32:27
138.197.173.210	attackbotsspam	Unauthorized connection attempt detected from IP address 138.197.173.210 to port 22	2020-04-10 14:20:46
178.254.39.150	attack	Apr 10 06:49:25 pi sshd[12153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.254.39.150 Apr 10 06:49:27 pi sshd[12153]: Failed password for invalid user postgres from 178.254.39.150 port 38078 ssh2	2020-04-10 14:45:33
171.227.164.106	attackbots	Apr 10 07:19:12 mailserver sshd\[22641\]: Address 171.227.164.106 maps to dynamic-ip-adsl.viettel.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Apr 10 07:19:12 mailserver sshd\[22641\]: Invalid user user from 171.227.164.106 ...	2020-04-10 14:49:22
36.67.63.9	attack	Apr 10 07:26:24 ourumov-web sshd\[28606\]: Invalid user informix from 36.67.63.9 port 35520 Apr 10 07:26:24 ourumov-web sshd\[28606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.63.9 Apr 10 07:26:26 ourumov-web sshd\[28606\]: Failed password for invalid user informix from 36.67.63.9 port 35520 ssh2 ...	2020-04-10 14:19:40
45.133.99.7	attackbots	Apr 10 08:02:01 srv01 postfix/smtpd\[19731\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 08:02:20 srv01 postfix/smtpd\[30456\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 08:17:56 srv01 postfix/smtpd\[30458\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 08:18:13 srv01 postfix/smtpd\[30458\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 08:19:48 srv01 postfix/smtpd\[8445\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-10 14:23:16
138.197.36.189	attackbotsspam	2020-04-10T03:52:42.412807abusebot-6.cloudsearch.cf sshd[10848]: Invalid user postgres from 138.197.36.189 port 54166 2020-04-10T03:52:42.419624abusebot-6.cloudsearch.cf sshd[10848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.36.189 2020-04-10T03:52:42.412807abusebot-6.cloudsearch.cf sshd[10848]: Invalid user postgres from 138.197.36.189 port 54166 2020-04-10T03:52:44.988188abusebot-6.cloudsearch.cf sshd[10848]: Failed password for invalid user postgres from 138.197.36.189 port 54166 ssh2 2020-04-10T03:56:04.547502abusebot-6.cloudsearch.cf sshd[11057]: Invalid user deploy from 138.197.36.189 port 34606 2020-04-10T03:56:04.555983abusebot-6.cloudsearch.cf sshd[11057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.36.189 2020-04-10T03:56:04.547502abusebot-6.cloudsearch.cf sshd[11057]: Invalid user deploy from 138.197.36.189 port 34606 2020-04-10T03:56:06.522231abusebot-6.cloudsearch.cf s ...	2020-04-10 14:53:21
51.83.68.213	attack	Apr 10 07:34:45 roki sshd[2672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.68.213 user=ubuntu Apr 10 07:34:47 roki sshd[2672]: Failed password for ubuntu from 51.83.68.213 port 33672 ssh2 Apr 10 07:47:21 roki sshd[3778]: Invalid user aman from 51.83.68.213 Apr 10 07:47:21 roki sshd[3778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.68.213 Apr 10 07:47:23 roki sshd[3778]: Failed password for invalid user aman from 51.83.68.213 port 57344 ssh2 ...	2020-04-10 14:32:12
210.245.92.228	attackspam	Apr 10 06:55:31 cvbnet sshd[19648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.245.92.228 Apr 10 06:55:33 cvbnet sshd[19648]: Failed password for invalid user admin from 210.245.92.228 port 58431 ssh2 ...	2020-04-10 14:46:02
119.28.178.226	attackbots	Apr 10 08:09:44 server sshd\[4140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.178.226 user=root Apr 10 08:09:45 server sshd\[4140\]: Failed password for root from 119.28.178.226 port 34706 ssh2 Apr 10 08:15:11 server sshd\[5954\]: Invalid user ubuntu from 119.28.178.226 Apr 10 08:15:11 server sshd\[5954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.178.226 Apr 10 08:15:13 server sshd\[5954\]: Failed password for invalid user ubuntu from 119.28.178.226 port 17404 ssh2 ...	2020-04-10 14:24:25
106.12.131.36	attack	(sshd) Failed SSH login from 106.12.131.36 (CN/China/-): 5 in the last 3600 secs	2020-04-10 14:16:26
54.152.255.136	attack	2020-04-10T07:03:20.794034vps773228.ovh.net sshd[16714]: Invalid user test from 54.152.255.136 port 37230 2020-04-10T07:03:22.189691vps773228.ovh.net sshd[16714]: Failed password for invalid user test from 54.152.255.136 port 37230 ssh2 2020-04-10T07:16:38.757059vps773228.ovh.net sshd[21609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-54-152-255-136.compute-1.amazonaws.com user=root 2020-04-10T07:16:41.023890vps773228.ovh.net sshd[21609]: Failed password for root from 54.152.255.136 port 48438 ssh2 2020-04-10T07:29:55.709308vps773228.ovh.net sshd[26410]: Invalid user query from 54.152.255.136 port 59678 ...	2020-04-10 14:12:45

Recently Reported IPs

104.18.11.147	104.18.11.167	104.18.11.170	104.18.11.171
104.18.11.182	104.18.11.194	104.18.11.198	104.18.11.20
104.18.11.200	104.18.11.210	104.18.11.211	104.18.11.215
104.18.11.216	104.18.11.221	104.18.11.231	104.18.11.235
104.18.11.237	104.18.11.240	104.18.11.242	104.18.11.248