104.18.2.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.25.243	attackspam	Tried to connect to TCP port on PC	2020-08-10 19:45:30
104.18.254.23	attack	Hi there! You Need Leads, Sales, Conversions, Traffic for bellezanutritiva.com ? Will Findet... => https://www.fiverr.com/share/2zBbq Regards, Mauldon	2019-08-27 19:15:56
104.18.254.23	attack	Contact us => https://www.fiverr.com/share/2zBbq Hi there! You Need Leads, Sales, Conversions, Traffic for base-all.ru ? Will Findet... I WILL SEND 5 MILLION MESSAGES VIA WEBSITE CONTACT FORM Don't believe me?	2019-08-15 04:29:07
104.18.254.23	attack	Hi there! You Need Leads, Sales, Conversions, Traffic for base-all.ru ? Will Findet.. https://www.fiverr.com/share/2zBbq	2019-08-12 20:50:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.2.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8118
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.2.42.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030501 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 06 10:19:08 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 42.2.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.2.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.165.23.53	attack	2020-09-09T08:58:18.667566paragon sshd[250773]: Failed password for root from 217.165.23.53 port 39184 ssh2 2020-09-09T09:02:42.695413paragon sshd[251111]: Invalid user torpedo from 217.165.23.53 port 45172 2020-09-09T09:02:42.699233paragon sshd[251111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.165.23.53 2020-09-09T09:02:42.695413paragon sshd[251111]: Invalid user torpedo from 217.165.23.53 port 45172 2020-09-09T09:02:44.567149paragon sshd[251111]: Failed password for invalid user torpedo from 217.165.23.53 port 45172 ssh2 ...	2020-09-09 19:13:31
20.37.99.237	attack	MAIL: User Login Brute Force Attempt	2020-09-09 19:10:00
125.212.233.50	attack	Failed password for invalid user erpnext from 125.212.233.50 port 34332 ssh2	2020-09-09 18:40:53
60.249.138.198	attack	DATE:2020-09-08 18:56:05, IP:60.249.138.198, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-09 18:56:02
120.27.192.18	attackbots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 18:50:19
145.239.95.241	attackbots	$f2bV_matches	2020-09-09 18:36:44
45.142.120.137	attackspam	Sep 9 01:21:02 marvibiene postfix/smtpd[3655]: warning: unknown[45.142.120.137]: SASL LOGIN authentication failed: VXNlcm5hbWU6 Sep 9 01:50:28 marvibiene postfix/smtpd[5169]: warning: unknown[45.142.120.137]: SASL LOGIN authentication failed: VXNlcm5hbWU6	2020-09-09 18:49:41
27.184.55.165	attackspam	Sep 9 05:28:57 baraca dovecot: auth-worker(8388): passwd(info,27.184.55.165): unknown user Sep 9 05:29:19 baraca dovecot: auth-worker(8388): passwd(info,27.184.55.165): unknown user Sep 9 05:29:38 baraca dovecot: auth-worker(8388): passwd(info,27.184.55.165): unknown user Sep 9 05:29:57 baraca dovecot: auth-worker(8388): passwd(info,27.184.55.165): unknown user Sep 9 05:30:15 baraca dovecot: auth-worker(8388): passwd(info,27.184.55.165): unknown user Sep 9 06:47:48 baraca dovecot: auth-worker(14844): passwd(info,27.184.55.165): unknown user ...	2020-09-09 18:54:42
167.71.145.201	attack	TCP ports : 2828 / 3359 / 5954 / 12127 / 26804 / 31789	2020-09-09 19:04:18
165.22.65.5	attackspam	From CCTV User Interface Log ...::ffff:165.22.65.5 - - [08/Sep/2020:12:57:28 +0000] "GET /systemInfo HTTP/1.1" 404 203 ...	2020-09-09 18:46:50
84.17.60.215	attackspambots	fell into ViewStateTrap:vaduz	2020-09-09 18:55:13
107.170.249.243	attackbots	Sep 8 20:09:40 abendstille sshd\[9262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 user=root Sep 8 20:09:43 abendstille sshd\[9262\]: Failed password for root from 107.170.249.243 port 39014 ssh2 Sep 8 20:13:37 abendstille sshd\[13855\]: Invalid user oracle from 107.170.249.243 Sep 8 20:13:37 abendstille sshd\[13855\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 Sep 8 20:13:39 abendstille sshd\[13855\]: Failed password for invalid user oracle from 107.170.249.243 port 38450 ssh2 ...	2020-09-09 18:48:53
191.102.72.178	attackspambots	Lines containing failures of 191.102.72.178 (max 1000) Sep 7 21:11:48 UTC__SANYALnet-Labs__cac12 sshd[20018]: Connection from 191.102.72.178 port 37064 on 64.137.176.96 port 22 Sep 7 21:11:49 UTC__SANYALnet-Labs__cac12 sshd[20018]: Address 191.102.72.178 maps to fenix.empaquesdelcauca.com.co, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 7 21:11:49 UTC__SANYALnet-Labs__cac12 sshd[20018]: Invalid user db2inst1 from 191.102.72.178 port 37064 Sep 7 21:11:49 UTC__SANYALnet-Labs__cac12 sshd[20018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.102.72.178 Sep 7 21:11:52 UTC__SANYALnet-Labs__cac12 sshd[20018]: Failed password for invalid user db2inst1 from 191.102.72.178 port 37064 ssh2 Sep 7 21:11:52 UTC__SANYALnet-Labs__cac12 sshd[20018]: Received disconnect from 191.102.72.178 port 37064:11: Bye Bye [preauth] Sep 7 21:11:52 UTC__SANYALnet-Labs__cac12 sshd[20018]: Disconnected from 191.102.72.17........ ------------------------------	2020-09-09 18:44:30
185.43.8.43	attack	2020-09-09T02:12:07+02:00 exim[13050]: [1\32] 1kFniZ-0003OU-65 H=(lorgat.it) [185.43.8.43] F= rejected after DATA: This message scored 103.5 spam points.	2020-09-09 18:59:36
168.197.209.90	attackspam	Telnetd brute force attack detected by fail2ban	2020-09-09 18:57:48

Recently Reported IPs

104.18.2.245	104.18.20.195	112.84.51.202	104.18.21.96
112.84.51.204	104.18.22.10	104.18.218.148	104.18.212.218
104.18.22.106	104.18.217.231	104.18.210.67	104.18.218.231
104.18.28.124	112.84.51.213	104.18.28.79	104.18.27.172
104.18.28.163	104.18.28.223	104.18.27.194	104.18.213.218