104.18.5.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47669
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.142.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022051801 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 19 05:38:35 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 142.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.41.77.225	attackbots	Oct 10 02:39:39 plusreed sshd[14750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.41.77.225 user=root Oct 10 02:39:41 plusreed sshd[14750]: Failed password for root from 14.41.77.225 port 59306 ssh2 ...	2019-10-10 14:45:27
51.158.184.28	attackbots	Oct 10 08:06:56 rotator sshd\[28935\]: Failed password for root from 51.158.184.28 port 46946 ssh2Oct 10 08:06:59 rotator sshd\[28935\]: Failed password for root from 51.158.184.28 port 46946 ssh2Oct 10 08:07:02 rotator sshd\[28935\]: Failed password for root from 51.158.184.28 port 46946 ssh2Oct 10 08:07:04 rotator sshd\[28935\]: Failed password for root from 51.158.184.28 port 46946 ssh2Oct 10 08:07:07 rotator sshd\[28935\]: Failed password for root from 51.158.184.28 port 46946 ssh2Oct 10 08:07:10 rotator sshd\[28935\]: Failed password for root from 51.158.184.28 port 46946 ssh2 ...	2019-10-10 14:50:42
222.186.15.101	attack	$f2bV_matches	2019-10-10 15:06:18
106.13.56.72	attack	Oct 10 08:20:56 microserver sshd[34998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72 user=root Oct 10 08:20:58 microserver sshd[34998]: Failed password for root from 106.13.56.72 port 41476 ssh2 Oct 10 08:25:32 microserver sshd[35612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72 user=root Oct 10 08:25:34 microserver sshd[35612]: Failed password for root from 106.13.56.72 port 49580 ssh2 Oct 10 08:30:19 microserver sshd[36236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72 user=root Oct 10 08:44:24 microserver sshd[37744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72 user=root Oct 10 08:44:27 microserver sshd[37744]: Failed password for root from 106.13.56.72 port 53738 ssh2 Oct 10 08:49:12 microserver sshd[38364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=	2019-10-10 14:55:26
5.71.159.19	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.71.159.19/ GB - 1H : (77) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN5607 IP : 5.71.159.19 CIDR : 5.64.0.0/13 PREFIX COUNT : 35 UNIQUE IP COUNT : 5376768 WYKRYTE ATAKI Z ASN5607 : 1H - 2 3H - 2 6H - 3 12H - 7 24H - 13 DateTime : 2019-10-10 05:51:01 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-10 15:08:53
92.118.38.37	attackbots	Oct 10 08:45:44 mail postfix/smtpd\[15371\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:46:16 mail postfix/smtpd\[15422\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:46:49 mail postfix/smtpd\[15422\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 09:16:55 mail postfix/smtpd\[15782\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-10 15:19:51
180.76.130.70	attack	Lines containing failures of 180.76.130.70 Oct 7 02:11:21 shared06 sshd[8499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.130.70 user=r.r Oct 7 02:11:22 shared06 sshd[8499]: Failed password for r.r from 180.76.130.70 port 37196 ssh2 Oct 7 02:11:23 shared06 sshd[8499]: Received disconnect from 180.76.130.70 port 37196:11: Bye Bye [preauth] Oct 7 02:11:23 shared06 sshd[8499]: Disconnected from authenticating user r.r 180.76.130.70 port 37196 [preauth] Oct 7 02:24:33 shared06 sshd[12516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.130.70 user=r.r Oct 7 02:24:35 shared06 sshd[12516]: Failed password for r.r from 180.76.130.70 port 44618 ssh2 Oct 7 02:24:35 shared06 sshd[12516]: Received disconnect from 180.76.130.70 port 44618:11: Bye Bye [preauth] Oct 7 02:24:35 shared06 sshd[12516]: Disconnected from authenticating user r.r 180.76.130.70 port 44618 [preauth] Oc........ ------------------------------	2019-10-10 15:15:35
138.117.149.13	attack	Automatic report - XMLRPC Attack	2019-10-10 15:00:00
139.59.78.236	attackspam	Oct 10 04:11:15 *** sshd[16137]: User root from 139.59.78.236 not allowed because not listed in AllowUsers	2019-10-10 14:45:55
222.186.31.145	attack	$f2bV_matches	2019-10-10 15:01:52
192.227.252.26	attackspambots	Oct 10 07:10:18 venus sshd\[14470\]: Invalid user Contrasena12 from 192.227.252.26 port 35640 Oct 10 07:10:18 venus sshd\[14470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.227.252.26 Oct 10 07:10:20 venus sshd\[14470\]: Failed password for invalid user Contrasena12 from 192.227.252.26 port 35640 ssh2 ...	2019-10-10 15:17:35
106.13.165.94	attackspambots	Oct 6 19:35:34 carla sshd[31963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.165.94 user=r.r Oct 6 19:35:36 carla sshd[31963]: Failed password for r.r from 106.13.165.94 port 58850 ssh2 Oct 6 19:35:36 carla sshd[31964]: Received disconnect from 106.13.165.94: 11: Bye Bye Oct 6 19:55:23 carla sshd[32152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.165.94 user=r.r Oct 6 19:55:26 carla sshd[32152]: Failed password for r.r from 106.13.165.94 port 52336 ssh2 Oct 6 19:55:26 carla sshd[32153]: Received disconnect from 106.13.165.94: 11: Bye Bye Oct 6 19:59:34 carla sshd[32160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.165.94 user=r.r Oct 6 19:59:36 carla sshd[32160]: Failed password for r.r from 106.13.165.94 port 32830 ssh2 Oct 6 19:59:36 carla sshd[32161]: Received disconnect from 106.13.165.94: 11: Bye Bye ........ -------------------------------	2019-10-10 15:02:43
111.92.240.170	attack	Oct 9 20:53:55 eddieflores sshd\[16504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.92.240.170 user=root Oct 9 20:53:57 eddieflores sshd\[16504\]: Failed password for root from 111.92.240.170 port 49612 ssh2 Oct 9 20:58:20 eddieflores sshd\[16846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.92.240.170 user=root Oct 9 20:58:21 eddieflores sshd\[16846\]: Failed password for root from 111.92.240.170 port 32984 ssh2 Oct 9 21:02:41 eddieflores sshd\[17208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.92.240.170 user=root	2019-10-10 15:17:04
2.152.192.52	attackspam	Oct 10 08:10:11 nginx sshd[22924]: Invalid user test from 2.152.192.52 Oct 10 08:10:12 nginx sshd[22924]: Connection closed by 2.152.192.52 port 59938 [preauth]	2019-10-10 14:55:46
51.38.125.51	attackspambots	Oct 10 05:42:24 rotator sshd\[3337\]: Invalid user !QAZ@WSX3edc from 51.38.125.51Oct 10 05:42:26 rotator sshd\[3337\]: Failed password for invalid user !QAZ@WSX3edc from 51.38.125.51 port 46344 ssh2Oct 10 05:46:35 rotator sshd\[4191\]: Invalid user Pa$$word@2019 from 51.38.125.51Oct 10 05:46:37 rotator sshd\[4191\]: Failed password for invalid user Pa$$word@2019 from 51.38.125.51 port 58590 ssh2Oct 10 05:50:36 rotator sshd\[5112\]: Invalid user ZXCVBNM!@\#$%\^\& from 51.38.125.51Oct 10 05:50:39 rotator sshd\[5112\]: Failed password for invalid user ZXCVBNM!@\#$%\^\& from 51.38.125.51 port 42596 ssh2 ...	2019-10-10 15:20:12

Recently Reported IPs

104.18.5.131	104.18.5.151	104.18.55.37	104.18.6.121
104.18.6.151	104.18.6.231	104.18.7.121	104.18.7.151
104.18.7.231	104.192.4.135	104.192.4.99	237.117.117.3
104.192.7.79	104.192.86.21	104.192.86.41	104.192.96.7
104.193.108.198	104.193.109.50	104.193.110.177	104.193.110.215