104.18.5.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6670
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.45.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 08:25:15 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 45.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 45.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.38.55.136	attackspam	May 25 05:51:07 web9 sshd\[24119\]: Invalid user config from 54.38.55.136 May 25 05:51:07 web9 sshd\[24119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.55.136 May 25 05:51:09 web9 sshd\[24119\]: Failed password for invalid user config from 54.38.55.136 port 33058 ssh2 May 25 05:52:27 web9 sshd\[24312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.55.136 user=root May 25 05:52:29 web9 sshd\[24312\]: Failed password for root from 54.38.55.136 port 52772 ssh2	2020-05-26 01:52:42
45.142.195.9	attack	2020-05-25T19:55:20.143583www postfix/smtpd[23964]: warning: unknown[45.142.195.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-05-25T19:55:53.288941www postfix/smtpd[24201]: warning: unknown[45.142.195.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-05-25T19:56:31.241852www postfix/smtpd[23964]: warning: unknown[45.142.195.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-26 01:57:14
36.233.120.95	attack	Automatic report - Port Scan Attack	2020-05-26 01:51:35
103.18.242.69	attack	May 25 13:21:45 mail.srvfarm.net postfix/smtpd[235337]: lost connection after CONNECT from unknown[103.18.242.69] May 25 13:27:24 mail.srvfarm.net postfix/smtps/smtpd[240148]: warning: unknown[103.18.242.69]: SASL PLAIN authentication failed: May 25 13:27:24 mail.srvfarm.net postfix/smtps/smtpd[240148]: lost connection after AUTH from unknown[103.18.242.69] May 25 13:29:32 mail.srvfarm.net postfix/smtps/smtpd[235736]: warning: unknown[103.18.242.69]: SASL PLAIN authentication failed: May 25 13:29:33 mail.srvfarm.net postfix/smtps/smtpd[235736]: lost connection after AUTH from unknown[103.18.242.69]	2020-05-26 02:06:39
45.5.238.183	attack	May 25 13:42:00 mail.srvfarm.net postfix/smtpd[235746]: warning: 45-5-238-183.jerenet.com.br[45.5.238.183]: SASL PLAIN authentication failed: May 25 13:42:01 mail.srvfarm.net postfix/smtpd[235746]: lost connection after AUTH from 45-5-238-183.jerenet.com.br[45.5.238.183] May 25 13:44:46 mail.srvfarm.net postfix/smtps/smtpd[240130]: warning: 45-5-238-183.jerenet.com.br[45.5.238.183]: SASL PLAIN authentication failed: May 25 13:44:47 mail.srvfarm.net postfix/smtps/smtpd[240130]: lost connection after AUTH from 45-5-238-183.jerenet.com.br[45.5.238.183] May 25 13:44:55 mail.srvfarm.net postfix/smtps/smtpd[244218]: warning: 45-5-238-183.jerenet.com.br[45.5.238.183]: SASL PLAIN authentication failed:	2020-05-26 02:13:34
167.71.199.192	attackspam	Failed password for invalid user web from 167.71.199.192 port 39078 ssh2	2020-05-26 02:17:22
177.161.75.110	attackbotsspam	May 25 11:13:14 XXX sshd[19608]: Invalid user ubnt from 177.161.75.110 port 28163	2020-05-26 01:38:12
168.227.56.136	attackbotsspam	May 25 13:17:04 mail.srvfarm.net postfix/smtps/smtpd[221523]: warning: unknown[168.227.56.136]: SASL PLAIN authentication failed: May 25 13:17:04 mail.srvfarm.net postfix/smtps/smtpd[221523]: lost connection after AUTH from unknown[168.227.56.136] May 25 13:23:58 mail.srvfarm.net postfix/smtpd[235709]: warning: unknown[168.227.56.136]: SASL PLAIN authentication failed: May 25 13:23:59 mail.srvfarm.net postfix/smtpd[235709]: lost connection after AUTH from unknown[168.227.56.136] May 25 13:26:28 mail.srvfarm.net postfix/smtps/smtpd[221525]: warning: unknown[168.227.56.136]: SASL PLAIN authentication failed:	2020-05-26 02:04:47
80.90.162.133	attack	May 25 19:43:30 web01.agentur-b-2.de postfix/smtpd[290919]: NOQUEUE: reject: RCPT from mail.tantash.com[80.90.162.133]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= May 25 19:44:37 web01.agentur-b-2.de postfix/smtpd[290919]: lost connection after CONNECT from mail.tantash.com[80.90.162.133] May 25 19:45:50 web01.agentur-b-2.de postfix/smtpd[308784]: lost connection after EHLO from mail.tantash.com[80.90.162.133] May 25 19:47:14 web01.agentur-b-2.de postfix/smtpd[307541]: NOQUEUE: reject: RCPT from mail.tantash.com[80.90.162.133]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= May 25 19:47:14 web01.agentur-b-2.de postfix/smtpd[307541]: lost connection after RCPT from mail.tantash.com[80.90.162.133]	2020-05-26 02:09:06
107.170.249.243	attack	May 25 16:00:43 vps sshd[350103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 user=root May 25 16:00:45 vps sshd[350103]: Failed password for root from 107.170.249.243 port 47604 ssh2 May 25 16:04:32 vps sshd[366021]: Invalid user ginger from 107.170.249.243 port 53186 May 25 16:04:32 vps sshd[366021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 May 25 16:04:34 vps sshd[366021]: Failed password for invalid user ginger from 107.170.249.243 port 53186 ssh2 ...	2020-05-26 01:49:16
49.235.151.50	attack	May 25 20:00:52 dhoomketu sshd[185650]: Failed password for invalid user subzero from 49.235.151.50 port 49526 ssh2 May 25 20:05:50 dhoomketu sshd[185739]: Invalid user manager from 49.235.151.50 port 41286 May 25 20:05:50 dhoomketu sshd[185739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.151.50 May 25 20:05:50 dhoomketu sshd[185739]: Invalid user manager from 49.235.151.50 port 41286 May 25 20:05:52 dhoomketu sshd[185739]: Failed password for invalid user manager from 49.235.151.50 port 41286 ssh2 ...	2020-05-26 01:48:50
37.139.20.6	attackbots	May 25 17:28:34 ArkNodeAT sshd\[25799\]: Invalid user victoria from 37.139.20.6 May 25 17:28:34 ArkNodeAT sshd\[25799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.20.6 May 25 17:28:35 ArkNodeAT sshd\[25799\]: Failed password for invalid user victoria from 37.139.20.6 port 49848 ssh2	2020-05-26 01:47:41
94.102.52.44	attackbotsspam	May 25 19:44:30 ns3042688 courier-pop3d: LOGIN FAILED, user=office@sikla-systems.es, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 02:06:54
200.148.25.132	attackbots	May 25 13:16:27 web01.agentur-b-2.de postfix/smtpd[205774]: NOQUEUE: reject: RCPT from 200-148-25-132.dsl.telesp.net.br[200.148.25.132]: 450 4.7.1 <2rentacar.com>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2rentacar.com> May 25 13:16:28 web01.agentur-b-2.de postfix/smtpd[205774]: NOQUEUE: reject: RCPT from 200-148-25-132.dsl.telesp.net.br[200.148.25.132]: 450 4.7.1 <2rentacar.com>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2rentacar.com> May 25 13:16:30 web01.agentur-b-2.de postfix/smtpd[205774]: NOQUEUE: reject: RCPT from 200-148-25-132.dsl.telesp.net.br[200.148.25.132]: 450 4.7.1 <2rentacar.com>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<2rentacar.com> May 25 13:16:36 web01.agentur-b-2.de postfix/smtpd[205774]: NOQUEUE: reject: RCPT from 200-148-25-132.dsl.telesp.net.br[200.148.25.132]: 450 4.7.1 <2rentaca	2020-05-26 01:59:35
85.214.198.36	attack	May 25 15:25:06 XXX sshd[10327]: Invalid user admin from 85.214.198.36 port 45576	2020-05-26 01:42:43

Recently Reported IPs

104.18.6.102	125.212.211.142	104.18.6.224	104.18.6.212
104.18.66.135	104.18.69.135	104.18.66.62	104.18.6.32
104.18.67.135	213.35.156.28	104.18.66.19	104.18.65.62
104.18.68.135	104.18.65.19	104.18.7.102	125.212.216.46
104.18.7.161	104.18.7.224	104.18.70.135	104.18.7.32