104.18.38.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.38.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.38.52.			IN	A

;; AUTHORITY SECTION:
.			399	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040801 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 09 04:08:52 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 52.38.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.38.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.73.83.8	attack	Sep 3 18:48:57 mellenthin postfix/smtpd[20980]: NOQUEUE: reject: RCPT from cpe-172-73-83-8.carolina.res.rr.com[172.73.83.8]: 554 5.7.1 Service unavailable; Client host [172.73.83.8] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/172.73.83.8; from= to= proto=ESMTP helo=	2020-09-04 14:01:03
103.67.158.30	attackbots	Sep 3 18:49:08 mellenthin postfix/smtpd[21032]: NOQUEUE: reject: RCPT from unknown[103.67.158.30]: 554 5.7.1 Service unavailable; Client host [103.67.158.30] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.67.158.30; from= to= proto=ESMTP helo=<[103.67.158.30]>	2020-09-04 13:50:29
196.189.185.243	attackbotsspam	Sep 2 10:12:29 mxgate1 postfix/postscreen[16901]: CONNECT from [196.189.185.243]:57360 to [176.31.12.44]:25 Sep 2 10:12:29 mxgate1 postfix/dnsblog[17127]: addr 196.189.185.243 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 2 10:12:29 mxgate1 postfix/dnsblog[17127]: addr 196.189.185.243 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 2 10:12:29 mxgate1 postfix/dnsblog[17128]: addr 196.189.185.243 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 2 10:12:29 mxgate1 postfix/dnsblog[17129]: addr 196.189.185.243 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 2 10:12:29 mxgate1 postfix/dnsblog[17131]: addr 196.189.185.243 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 2 10:12:35 mxgate1 postfix/postscreen[16901]: DNSBL rank 5 for [196.189.185.243]:57360 Sep x@x Sep 2 10:12:36 mxgate1 postfix/postscreen[16901]: HANGUP after 1.3 from [196.189.185.243]:57360 in tests after SMTP handshake Sep 2 10:12:36 mxgate1 postfix/postscreen[16901]: DISCONNE........ -------------------------------	2020-09-04 14:14:09
107.189.10.101	attack	SSH bruteforce	2020-09-04 13:43:29
69.251.82.109	attackbotsspam	Sep 4 06:17:07 hidden sshd[11106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.251.82.109 Sep 4 06:17:09 hidden sshd[11106]: Failed password for invalid user sandbox from 69.251.82.109 port 46458 ssh2 Sep 4 06:24:15 hidden sshd[12238]: Invalid user cacti from 69.251.82.109 port 32944	2020-09-04 14:02:40
198.98.49.181	attackspam	Sep 4 05:56:21 ip-172-31-7-133 sshd\[4459\]: Invalid user centos from 198.98.49.181 Sep 4 05:56:21 ip-172-31-7-133 sshd\[4456\]: Invalid user vagrant from 198.98.49.181 Sep 4 05:56:21 ip-172-31-7-133 sshd\[4454\]: Invalid user test from 198.98.49.181 ...	2020-09-04 14:00:17
109.66.126.241	attackbots	Lines containing failures of 109.66.126.241 Sep 2 10:11:23 omfg postfix/smtpd[17776]: connect from bzq-109-66-126-241.red.bezeqint.net[109.66.126.241] Sep x@x Sep 2 10:11:24 omfg postfix/smtpd[17776]: lost connection after DATA from bzq-109-66-126-241.red.bezeqint.net[109.66.126.241] Sep 2 10:11:24 omfg postfix/smtpd[17776]: disconnect from bzq-109-66-126-241.red.bezeqint.net[109.66.126.241] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=109.66.126.241	2020-09-04 14:04:12
51.83.42.108	attack	Sep 3 21:12:33 mail sshd\[44367\]: Invalid user postgres from 51.83.42.108 Sep 3 21:12:33 mail sshd\[44367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.42.108 ...	2020-09-04 13:40:31
168.90.229.209	attackspam	DATE:2020-09-03 18:48:11, IP:168.90.229.209, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-04 13:50:08
198.38.86.161	attackspambots	Sep 4 00:45:39 ns382633 sshd\[16438\]: Invalid user test5 from 198.38.86.161 port 47534 Sep 4 00:45:39 ns382633 sshd\[16438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.38.86.161 Sep 4 00:45:41 ns382633 sshd\[16438\]: Failed password for invalid user test5 from 198.38.86.161 port 47534 ssh2 Sep 4 00:52:42 ns382633 sshd\[17544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.38.86.161 user=root Sep 4 00:52:43 ns382633 sshd\[17544\]: Failed password for root from 198.38.86.161 port 55508 ssh2	2020-09-04 14:00:31
106.13.164.136	attackbotsspam	Time: Thu Sep 3 19:50:56 2020 +0000 IP: 106.13.164.136 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 3 19:36:41 vps3 sshd[15114]: Invalid user ventas from 106.13.164.136 port 48914 Sep 3 19:36:43 vps3 sshd[15114]: Failed password for invalid user ventas from 106.13.164.136 port 48914 ssh2 Sep 3 19:47:37 vps3 sshd[17650]: Invalid user oracle from 106.13.164.136 port 49332 Sep 3 19:47:39 vps3 sshd[17650]: Failed password for invalid user oracle from 106.13.164.136 port 49332 ssh2 Sep 3 19:50:55 vps3 sshd[18407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.164.136 user=root	2020-09-04 13:43:51
104.236.134.112	attack	Time: Fri Sep 4 04:33:56 2020 +0000 IP: 104.236.134.112 (US/United States/mon.do.safelinkinternet.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 4 04:12:48 hosting sshd[1960]: Invalid user ftp-user from 104.236.134.112 port 40197 Sep 4 04:12:50 hosting sshd[1960]: Failed password for invalid user ftp-user from 104.236.134.112 port 40197 ssh2 Sep 4 04:28:09 hosting sshd[3022]: Invalid user sofia from 104.236.134.112 port 47001 Sep 4 04:28:11 hosting sshd[3022]: Failed password for invalid user sofia from 104.236.134.112 port 47001 ssh2 Sep 4 04:33:52 hosting sshd[3433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.134.112 user=root	2020-09-04 13:45:56
165.227.181.118	attackbotsspam	$f2bV_matches	2020-09-04 13:45:12
177.124.23.197	attackbotsspam	Sep 3 18:49:01 host postfix/smtps/smtpd\[20586\]: warning: 177-124-23-197.altinformatica.com.br\[177.124.23.197\]: SASL PLAIN authentication failed:	2020-09-04 13:57:35
106.51.113.15	attackbotsspam	Sep 4 07:51:50 home sshd[630440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.113.15 Sep 4 07:51:50 home sshd[630440]: Invalid user lijing from 106.51.113.15 port 58917 Sep 4 07:51:51 home sshd[630440]: Failed password for invalid user lijing from 106.51.113.15 port 58917 ssh2 Sep 4 07:53:59 home sshd[630675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.113.15 user=root Sep 4 07:54:01 home sshd[630675]: Failed password for root from 106.51.113.15 port 45764 ssh2 ...	2020-09-04 14:01:49

Recently Reported IPs

104.18.38.226	104.18.38.61	104.18.39.5	104.18.39.54
104.18.39.65	104.18.39.82	104.18.40.145	104.18.40.173
104.18.40.193	104.18.40.243	104.18.40.35	104.18.41.101
104.18.41.168	104.18.41.241	104.20.99.46	104.200.16.65
104.200.19.11	104.200.19.212	104.200.20.68	104.200.24.154