104.18.5.41 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11238
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.41.			IN	A

;; AUTHORITY SECTION:
.			235	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031602 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 17 05:01:19 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 41.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 41.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.42.175.200	attack	Mar 6 23:55:26 srv-ubuntu-dev3 sshd[17778]: Invalid user user from 119.42.175.200 Mar 6 23:55:26 srv-ubuntu-dev3 sshd[17778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.175.200 Mar 6 23:55:26 srv-ubuntu-dev3 sshd[17778]: Invalid user user from 119.42.175.200 Mar 6 23:55:28 srv-ubuntu-dev3 sshd[17778]: Failed password for invalid user user from 119.42.175.200 port 59710 ssh2 Mar 6 23:59:24 srv-ubuntu-dev3 sshd[18382]: Invalid user bing from 119.42.175.200 Mar 6 23:59:24 srv-ubuntu-dev3 sshd[18382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.175.200 Mar 6 23:59:24 srv-ubuntu-dev3 sshd[18382]: Invalid user bing from 119.42.175.200 Mar 6 23:59:26 srv-ubuntu-dev3 sshd[18382]: Failed password for invalid user bing from 119.42.175.200 port 57352 ssh2 Mar 7 00:03:13 srv-ubuntu-dev3 sshd[19196]: Invalid user oracle from 119.42.175.200 ...	2020-03-07 07:16:59
54.37.157.88	attackbotsspam	Mar 7 00:27:33 sshd\[9204\]: Invalid user gordon from 54.37.157.88Mar 7 00:27:35 sshd\[9204\]: Failed password for invalid user gordon from 54.37.157.88 port 37160 ssh2 ...	2020-03-07 07:32:31
63.82.48.11	attackbots	Mar 6 21:45:56 web01 postfix/smtpd[23532]: connect from know.ehfizi.com[63.82.48.11] Mar 6 21:45:56 web01 policyd-spf[23536]: None; identhostnamey=helo; client-ip=63.82.48.11; helo=know.tgptest.com; envelope-from=x@x Mar 6 21:45:56 web01 policyd-spf[23536]: Pass; identhostnamey=mailfrom; client-ip=63.82.48.11; helo=know.tgptest.com; envelope-from=x@x Mar x@x Mar 6 21:45:57 web01 postfix/smtpd[23532]: disconnect from know.ehfizi.com[63.82.48.11] Mar 6 21:46:22 web01 postfix/smtpd[23532]: connect from know.ehfizi.com[63.82.48.11] Mar 6 21:46:22 web01 policyd-spf[23536]: None; identhostnamey=helo; client-ip=63.82.48.11; helo=know.tgptest.com; envelope-from=x@x Mar 6 21:46:22 web01 policyd-spf[23536]: Pass; identhostnamey=mailfrom; client-ip=63.82.48.11; helo=know.tgptest.com; envelope-from=x@x Mar x@x Mar 6 21:46:22 web01 postfix/smtpd[23532]: disconnect from know.ehfizi.com[63.82.48.11] Mar 6 21:46:49 web01 postfix/smtpd[23532]: connect from know.ehfizi.com[63.82........ -------------------------------	2020-03-07 06:59:49
178.171.41.14	attackbots	Chat Spam	2020-03-07 07:26:01
68.183.19.26	attackspambots	Mar 6 13:17:40 hanapaa sshd\[3297\]: Invalid user couch from 68.183.19.26 Mar 6 13:17:40 hanapaa sshd\[3297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.19.26 Mar 6 13:17:42 hanapaa sshd\[3297\]: Failed password for invalid user couch from 68.183.19.26 port 35600 ssh2 Mar 6 13:22:23 hanapaa sshd\[3710\]: Invalid user msagent from 68.183.19.26 Mar 6 13:22:23 hanapaa sshd\[3710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.19.26	2020-03-07 07:34:05
188.166.42.50	attackbotsspam	Mar 6 23:24:00 relay postfix/smtpd\[8024\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 6 23:24:40 relay postfix/smtpd\[4662\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 6 23:33:45 relay postfix/smtpd\[4662\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 6 23:33:45 relay postfix/smtpd\[11013\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 6 23:34:41 relay postfix/smtpd\[11013\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-07 06:57:54
94.102.56.181	attackbots	Mar 7 00:00:46 debian-2gb-nbg1-2 kernel: \[5794809.356187\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.56.181 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29904 PROTO=TCP SPT=52758 DPT=33892 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-07 07:06:18
115.85.213.217	attack	Mar 6 22:54:15 web01.agentur-b-2.de postfix/smtpd[745277]: warning: unknown[115.85.213.217]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 6 22:54:22 web01.agentur-b-2.de postfix/smtpd[745794]: warning: unknown[115.85.213.217]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 6 22:54:34 web01.agentur-b-2.de postfix/smtpd[745277]: warning: unknown[115.85.213.217]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-03-07 06:59:07
134.175.89.186	attackspambots	fail2ban	2020-03-07 06:54:39
51.255.101.8	attackbotsspam	WordPress wp-login brute force :: 51.255.101.8 0.092 - [06/Mar/2020:22:05:30 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-03-07 06:55:01
221.176.134.36	attack	Brute force attempt	2020-03-07 07:24:10
49.236.203.163	attackbots	Mar 6 12:45:10 web1 sshd\[32047\]: Invalid user ttest from 49.236.203.163 Mar 6 12:45:10 web1 sshd\[32047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.236.203.163 Mar 6 12:45:12 web1 sshd\[32047\]: Failed password for invalid user ttest from 49.236.203.163 port 38204 ssh2 Mar 6 12:51:06 web1 sshd\[32600\]: Invalid user guest from 49.236.203.163 Mar 6 12:51:06 web1 sshd\[32600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.236.203.163	2020-03-07 07:15:33
117.7.64.221	attack	1583532298 - 03/06/2020 23:04:58 Host: 117.7.64.221/117.7.64.221 Port: 445 TCP Blocked	2020-03-07 07:28:04
221.163.8.108	attack	Mar 6 17:49:46 NPSTNNYC01T sshd[30162]: Failed password for root from 221.163.8.108 port 54378 ssh2 Mar 6 17:56:05 NPSTNNYC01T sshd[31732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.163.8.108 Mar 6 17:56:07 NPSTNNYC01T sshd[31732]: Failed password for invalid user test from 221.163.8.108 port 48278 ssh2 ...	2020-03-07 07:08:58
84.204.94.22	attackspam	Mar 6 23:40:09 mout sshd[1625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.204.94.22 user=root Mar 6 23:40:11 mout sshd[1625]: Failed password for root from 84.204.94.22 port 48106 ssh2	2020-03-07 07:29:26

Recently Reported IPs

28.119.25.213	104.18.5.82	104.18.6.181	104.18.6.202
104.18.6.7	104.18.6.80	104.18.65.34	104.18.7.181
104.18.7.202	104.18.7.7	104.18.7.80	104.18.84.26
104.18.85.26	104.18.88.19	104.18.89.19	104.18.91.74
104.18.96.49	104.18.98.57	104.18.99.57	104.183.80.187