104.18.5.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27385
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.52.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021602 1800 900 604800 86400

;; Query time: 164 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 05:51:30 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 52.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.59.43.63	attack	Jun 25 20:39:30 electroncash sshd[9841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.43.63 user=root Jun 25 20:39:32 electroncash sshd[9841]: Failed password for root from 37.59.43.63 port 53178 ssh2 Jun 25 20:42:35 electroncash sshd[10648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.43.63 user=root Jun 25 20:42:36 electroncash sshd[10648]: Failed password for root from 37.59.43.63 port 53576 ssh2 Jun 25 20:45:32 electroncash sshd[11456]: Invalid user pdp from 37.59.43.63 port 53974 ...	2020-06-26 02:53:33
185.166.153.98	attack	lot of request like this : [2020-06-25 18:01:58] NOTICE[1094]: chan_sip.c:29029 handle_request_register: Registration from '"101" ' failed for '185.166.153.98:6144' - Wrong password [2020-06-25 18:01:58] NOTICE[1094]: chan_sip.c:29029 handle_request_register: Registration from '"101" ' failed for '185.166.153.98:6144' - Wrong password	2020-06-26 02:31:04
200.152.107.102	attack	Jun 25 16:56:55 host postfix/smtps/smtpd\[10160\]: warning: mlsrj200152107p102.static.mls.com.br\[200.152.107.102\]: SASL PLAIN authentication failed:	2020-06-26 02:19:40
120.79.17.144	attackbotsspam	120.79.17.144 - - [25/Jun/2020:14:56:29 +0200] "GET /wp-login.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 120.79.17.144 - - [25/Jun/2020:14:56:35 +0200] "POST /wp-login.php HTTP/1.1" 200 6649 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 120.79.17.144 - - [25/Jun/2020:14:56:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 02:52:22
36.155.115.95	attackbots	Jun 25 15:48:44 srv-ubuntu-dev3 sshd[60123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.95 user=root Jun 25 15:48:47 srv-ubuntu-dev3 sshd[60123]: Failed password for root from 36.155.115.95 port 51447 ssh2 Jun 25 15:53:39 srv-ubuntu-dev3 sshd[60909]: Invalid user kenneth from 36.155.115.95 Jun 25 15:53:39 srv-ubuntu-dev3 sshd[60909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.95 Jun 25 15:53:39 srv-ubuntu-dev3 sshd[60909]: Invalid user kenneth from 36.155.115.95 Jun 25 15:53:42 srv-ubuntu-dev3 sshd[60909]: Failed password for invalid user kenneth from 36.155.115.95 port 46591 ssh2 Jun 25 15:58:31 srv-ubuntu-dev3 sshd[61731]: Invalid user ftptest from 36.155.115.95 Jun 25 15:58:31 srv-ubuntu-dev3 sshd[61731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.95 Jun 25 15:58:31 srv-ubuntu-dev3 sshd[61731]: Invalid user ftptest f ...	2020-06-26 02:36:03
167.99.69.130	attackspam	Invalid user lxd from 167.99.69.130 port 40248	2020-06-26 02:24:17
222.186.42.137	attackspam	Jun 25 20:45:12 host sshd[19614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Jun 25 20:45:15 host sshd[19614]: Failed password for root from 222.186.42.137 port 38274 ssh2 ...	2020-06-26 02:49:57
106.12.110.157	attack	2020-06-25T13:22:43.113215mail.csmailer.org sshd[12557]: Failed password for root from 106.12.110.157 port 17418 ssh2 2020-06-25T13:26:35.024534mail.csmailer.org sshd[13283]: Invalid user xiao from 106.12.110.157 port 63542 2020-06-25T13:26:35.028035mail.csmailer.org sshd[13283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.110.157 2020-06-25T13:26:35.024534mail.csmailer.org sshd[13283]: Invalid user xiao from 106.12.110.157 port 63542 2020-06-25T13:26:37.003805mail.csmailer.org sshd[13283]: Failed password for invalid user xiao from 106.12.110.157 port 63542 ssh2 ...	2020-06-26 02:43:02
187.66.163.1	attackbotsspam	Jun 25 05:11:23 h2065291 sshd[26465]: reveeclipse mapping checking getaddrinfo for bb42a301.virtua.com.br [187.66.163.1] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 05:11:23 h2065291 sshd[26465]: Invalid user vnc from 187.66.163.1 Jun 25 05:11:23 h2065291 sshd[26465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.66.163.1 Jun 25 05:11:25 h2065291 sshd[26465]: Failed password for invalid user vnc from 187.66.163.1 port 57815 ssh2 Jun 25 05:11:26 h2065291 sshd[26465]: Received disconnect from 187.66.163.1: 11: Bye Bye [preauth] Jun 25 05:27:51 h2065291 sshd[26854]: reveeclipse mapping checking getaddrinfo for bb42a301.virtua.com.br [187.66.163.1] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 05:27:51 h2065291 sshd[26854]: Invalid user eunho from 187.66.163.1 Jun 25 05:27:51 h2065291 sshd[26854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.66.163.1 Jun 25 05:27:53 h2065291 sshd[2685........ -------------------------------	2020-06-26 02:26:23
52.151.73.46	attack	Jun 25 20:18:07 serwer sshd\[19122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.151.73.46 user=root Jun 25 20:18:07 serwer sshd\[19124\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.151.73.46 user=root Jun 25 20:18:09 serwer sshd\[19122\]: Failed password for root from 52.151.73.46 port 16454 ssh2 Jun 25 20:18:09 serwer sshd\[19124\]: Failed password for root from 52.151.73.46 port 16532 ssh2 ...	2020-06-26 02:28:46
218.92.0.216	attack	2020-06-25T13:43:43.394141morrigan.ad5gb.com sshd[2775308]: Failed password for root from 218.92.0.216 port 50543 ssh2 2020-06-25T13:43:46.002806morrigan.ad5gb.com sshd[2775308]: Failed password for root from 218.92.0.216 port 50543 ssh2	2020-06-26 02:52:49
51.140.182.205	attackspam	Jun 25 20:06:39 ns3042688 postfix/smtpd\[6245\]: warning: unknown\[51.140.182.205\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 25 20:09:05 ns3042688 postfix/smtpd\[6677\]: warning: unknown\[51.140.182.205\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 25 20:11:26 ns3042688 postfix/smtpd\[7086\]: warning: unknown\[51.140.182.205\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 25 20:13:51 ns3042688 postfix/smtpd\[7527\]: warning: unknown\[51.140.182.205\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 25 20:16:10 ns3042688 postfix/smtpd\[7901\]: warning: unknown\[51.140.182.205\]: SASL LOGIN authentication failed: encryption needed to use mechanism ...	2020-06-26 02:35:39
167.99.180.52	attack	Jun 25 09:11:01 node1 sshd[14790]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:11:15 node1 sshd[14840]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:11:30 node1 sshd[14850]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:11:44 node1 sshd[14876]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:11:58 node1 sshd[14888]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:12:12 node1 sshd[14940]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:12:26 node1 sshd[14957]: Received disconnect from 167.99.180.52: 11: Normal Shutdown, Thank you for playing [preauth] Jun 25 09:12:40 node1 sshd[14973]: Received disconnect from 167.99.180.52: 11: Normal Sh........ -------------------------------	2020-06-26 02:22:40
63.141.231.10	attackbotsspam	20 attempts against mh-misbehave-ban on wood	2020-06-26 02:46:36
114.67.110.240	attack	Jun 25 20:07:32 ns382633 sshd\[12765\]: Invalid user support from 114.67.110.240 port 53207 Jun 25 20:07:32 ns382633 sshd\[12765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.110.240 Jun 25 20:07:35 ns382633 sshd\[12765\]: Failed password for invalid user support from 114.67.110.240 port 53207 ssh2 Jun 25 20:11:38 ns382633 sshd\[13624\]: Invalid user mc from 114.67.110.240 port 26198 Jun 25 20:11:38 ns382633 sshd\[13624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.110.240	2020-06-26 02:12:51

Recently Reported IPs

104.18.5.35	104.18.5.56	104.18.5.65	104.18.5.7
206.128.27.49	104.18.5.86	104.18.6.10	104.18.6.109
104.18.6.120	104.18.6.127	104.18.6.130	104.18.6.185
104.18.6.190	104.18.6.208	157.176.41.206	104.18.6.21
104.18.6.210	104.18.6.218	193.89.51.80	104.18.6.219