104.18.5.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26390
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.4.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 15:21:57 CST 2022
;; MSG SIZE  rcvd: 103

Host info

Host 4.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 4.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.39.67.154	attack	Dec 12 09:55:34 heissa sshd\[3774\]: Invalid user mosca from 5.39.67.154 port 38341 Dec 12 09:55:34 heissa sshd\[3774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns356848.ip-5-39-67.eu Dec 12 09:55:36 heissa sshd\[3774\]: Failed password for invalid user mosca from 5.39.67.154 port 38341 ssh2 Dec 12 10:00:51 heissa sshd\[9471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns356848.ip-5-39-67.eu user=root Dec 12 10:00:53 heissa sshd\[9471\]: Failed password for root from 5.39.67.154 port 42698 ssh2	2019-12-12 20:18:36
182.61.31.79	attackspam	$f2bV_matches	2019-12-12 20:25:11
139.0.12.19	attackspambots	Unauthorized connection attempt detected from IP address 139.0.12.19 to port 445	2019-12-12 20:11:21
222.184.233.222	attackspambots	Automatic report: SSH brute force attempt	2019-12-12 20:24:24
200.82.182.162	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-12 20:48:51
187.178.228.154	attackbots	Port Scan detected from 187.178.228.154 (MX/Mexico/187-178-228-154.dynamic.axtel.net). 4 hits in the last 100 seconds	2019-12-12 20:16:57
162.243.50.8	attackspam	Dec 12 12:40:22 nextcloud sshd\[18972\]: Invalid user host from 162.243.50.8 Dec 12 12:40:22 nextcloud sshd\[18972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.50.8 Dec 12 12:40:23 nextcloud sshd\[18972\]: Failed password for invalid user host from 162.243.50.8 port 49205 ssh2 ...	2019-12-12 20:46:02
114.67.74.49	attackbotsspam	Automatic report: SSH brute force attempt	2019-12-12 20:38:11
113.20.108.171	attack	Unauthorized connection attempt detected from IP address 113.20.108.171 to port 445	2019-12-12 20:38:31
59.25.197.138	attack	Dec 12 01:24:32 Tower sshd[33625]: Connection from 59.25.197.138 port 34924 on 192.168.10.220 port 22 Dec 12 01:24:44 Tower sshd[33625]: Invalid user robert from 59.25.197.138 port 34924 Dec 12 01:24:44 Tower sshd[33625]: error: Could not get shadow information for NOUSER Dec 12 01:24:44 Tower sshd[33625]: Failed password for invalid user robert from 59.25.197.138 port 34924 ssh2 Dec 12 01:24:44 Tower sshd[33625]: Received disconnect from 59.25.197.138 port 34924:11: Bye Bye [preauth] Dec 12 01:24:44 Tower sshd[33625]: Disconnected from invalid user robert 59.25.197.138 port 34924 [preauth]	2019-12-12 20:17:24
34.70.249.37	attackspam	Wordpress attack	2019-12-12 20:30:56
137.74.173.182	attackbots	Dec 12 07:11:13 sshgateway sshd\[478\]: Invalid user guest from 137.74.173.182 Dec 12 07:11:13 sshgateway sshd\[478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=aula.madridemprende.es Dec 12 07:11:14 sshgateway sshd\[478\]: Failed password for invalid user guest from 137.74.173.182 port 53836 ssh2	2019-12-12 20:36:14
51.75.160.215	attack	Dec 11 23:07:46 sachi sshd\[31720\]: Invalid user ayscue from 51.75.160.215 Dec 11 23:07:46 sachi sshd\[31720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-75-160.eu Dec 11 23:07:47 sachi sshd\[31720\]: Failed password for invalid user ayscue from 51.75.160.215 port 60588 ssh2 Dec 11 23:12:56 sachi sshd\[32382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-75-160.eu user=root Dec 11 23:12:59 sachi sshd\[32382\]: Failed password for root from 51.75.160.215 port 40290 ssh2	2019-12-12 20:47:48
103.231.32.79	attackbotsspam	1576135076 - 12/12/2019 08:17:56 Host: 103.231.32.79/103.231.32.79 Port: 445 TCP Blocked	2019-12-12 20:29:33
106.13.82.49	attackbotsspam	Dec 12 08:36:06 localhost sshd\[19850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49 user=root Dec 12 08:36:08 localhost sshd\[19850\]: Failed password for root from 106.13.82.49 port 37692 ssh2 Dec 12 08:42:03 localhost sshd\[20487\]: Invalid user mtl from 106.13.82.49 port 35606 Dec 12 08:42:03 localhost sshd\[20487\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49	2019-12-12 20:25:54

Recently Reported IPs

104.18.5.39	104.18.5.54	104.18.5.55	28.172.146.15
104.18.5.67	104.18.5.72	104.18.5.89	56.245.237.141
104.18.5.96	104.18.5.99	104.18.6.103	104.18.6.105
104.18.6.108	104.18.6.110	104.18.6.118	104.18.6.129
104.18.6.143	104.18.6.144	104.18.6.146	104.18.6.160