104.18.5.64 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23135
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.64.			IN	A

;; AUTHORITY SECTION:
.			271	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 18:11:55 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 64.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.213.49.176	attack	Repeated RDP login failures. Last user: Administrator	2020-05-29 16:59:40
171.249.33.143	attackspambots	firewall-block, port(s): 88/tcp	2020-05-29 17:37:23
37.138.247.113	attackbots	Automatic report - Port Scan Attack	2020-05-29 17:29:19
14.126.29.214	attackspam	2020-05-29T05:50:43.958975 X postfix/smtpd[583267]: NOQUEUE: reject: RCPT from unknown[14.126.29.214]: 554 5.7.1 Service unavailable; Client host [14.126.29.214] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/14.126.29.214; from= to= proto=SMTP helo=	2020-05-29 17:11:20
185.176.27.42	attackspam	May 29 11:02:38 debian-2gb-nbg1-2 kernel: \[13001744.183915\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=48733 PROTO=TCP SPT=45548 DPT=8668 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-29 17:34:27
187.84.146.190	attack	Spam detected 2020.05.29 05:51:07 blocked until 2020.07.17 22:53:07	2020-05-29 16:54:32
203.135.20.36	attackbots	May 29 11:23:40 sshd\[27410\]: User root from 203.135.20.36 not allowed because not listed in AllowUsersMay 29 11:23:42 sshd\[27410\]: Failed password for invalid user root from 203.135.20.36 port 43962 ssh2 ...	2020-05-29 17:38:48
51.68.190.223	attack	May 29 08:49:46 ns382633 sshd\[7677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223 user=root May 29 08:49:48 ns382633 sshd\[7677\]: Failed password for root from 51.68.190.223 port 40652 ssh2 May 29 08:57:05 ns382633 sshd\[9323\]: Invalid user feered from 51.68.190.223 port 55636 May 29 08:57:05 ns382633 sshd\[9323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223 May 29 08:57:08 ns382633 sshd\[9323\]: Failed password for invalid user feered from 51.68.190.223 port 55636 ssh2	2020-05-29 17:10:12
117.242.174.177	attack	port 23	2020-05-29 17:25:30
180.166.192.66	attackspam	Invalid user brollins from 180.166.192.66 port 54944	2020-05-29 17:24:32
182.61.130.51	attackspam	Invalid user maruszewski from 182.61.130.51 port 33284	2020-05-29 17:19:13
78.46.123.108	attackbotsspam	TCP Flag(s): PSH SYN TCP Xmas Tree dropped	2020-05-29 17:04:57
178.62.113.55	attack	TCP ports : 4379 / 6223 / 7024 / 10171 / 11187 / 13324 / 13683 / 14158 / 29447 / 30774	2020-05-29 17:16:27
106.58.220.87	attackbots	(pop3d) Failed POP3 login from 106.58.220.87 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 29 12:40:53 ir1 dovecot[2885757]: pop3-login: Aborted login (auth failed, 1 attempts in 3 secs): user=, method=PLAIN, rip=106.58.220.87, lip=5.63.12.44, session=<77q++8Sma+NqOtxX>	2020-05-29 17:22:32
187.188.150.200	attackspam	(imapd) Failed IMAP login from 187.188.150.200 (MX/Mexico/fixed-187-188-150-200.totalplay.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 29 08:20:36 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 11 secs): user=, method=PLAIN, rip=187.188.150.200, lip=5.63.12.44, session=	2020-05-29 17:15:18

Recently Reported IPs

104.18.5.63	104.18.5.88	104.18.5.95	104.18.5.97
104.18.59.63	104.18.6.101	104.18.6.128	104.18.6.137
104.18.6.14	104.18.6.140	104.18.6.148	104.18.6.168
104.18.6.169	104.18.6.172	104.18.6.177	104.18.6.178
104.18.6.18	104.18.6.187	104.18.6.198	104.18.6.199