104.18.5.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61103
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.80.			IN	A

;; AUTHORITY SECTION:
.			141	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 01:54:33 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 80.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.81.67.63	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-08-12 18:12:43
113.110.228.73	attackspambots	Aug 12 05:32:38 dev0-dcde-rnet sshd[7992]: Failed password for root from 113.110.228.73 port 2451 ssh2 Aug 12 05:44:55 dev0-dcde-rnet sshd[8176]: Failed password for root from 113.110.228.73 port 2452 ssh2	2020-08-12 17:13:05
186.206.131.61	attackbotsspam	Aug 9 20:24:50 host sshd[29627]: reveeclipse mapping checking getaddrinfo for bace833d.virtua.com.br [186.206.131.61] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 9 20:24:50 host sshd[29627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.131.61 user=r.r Aug 9 20:24:52 host sshd[29627]: Failed password for r.r from 186.206.131.61 port 35119 ssh2 Aug 9 20:24:53 host sshd[29627]: Received disconnect from 186.206.131.61: 11: Bye Bye [preauth] Aug 9 20:32:13 host sshd[22138]: reveeclipse mapping checking getaddrinfo for bace833d.virtua.com.br [186.206.131.61] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 9 20:32:13 host sshd[22138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.131.61 user=r.r Aug 9 20:32:15 host sshd[22138]: Failed password for r.r from 186.206.131.61 port 42573 ssh2 Aug 9 20:32:15 host sshd[22138]: Received disconnect from 186.206.131.61: 11: Bye Bye [preauth........ -------------------------------	2020-08-12 18:41:36
113.190.122.63	attackbotsspam	Icarus honeypot on github	2020-08-12 18:38:53
162.253.129.77	attackbotsspam	(From aimee.strange@yahoo.com) Stem cell therapy has proven itself to be one of the most effective treatments for Parkinson's Disease. IMC is the leader in stem cell therapies in Mexico. For more information on how we can treat Parkinson's Disease please visit: https://bit.ly/parkinson-integramedicalcenter	2020-08-12 18:32:52
178.62.0.215	attack	Aug 12 07:21:31 django-0 sshd[31700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.215 user=root Aug 12 07:21:33 django-0 sshd[31700]: Failed password for root from 178.62.0.215 port 38476 ssh2 ...	2020-08-12 17:11:32
106.124.140.36	attack	Aug 12 12:03:21 webhost01 sshd[13753]: Failed password for root from 106.124.140.36 port 43081 ssh2 ...	2020-08-12 18:39:22
129.28.173.105	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-12T06:44:07Z and 2020-08-12T06:50:23Z	2020-08-12 17:39:10
49.176.242.163	attackbots	SmallBizIT.US 1 packets to tcp(23)	2020-08-12 18:32:31
112.85.42.172	attackbots	Aug 12 12:06:50 vps639187 sshd\[32275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Aug 12 12:06:52 vps639187 sshd\[32275\]: Failed password for root from 112.85.42.172 port 11356 ssh2 Aug 12 12:06:55 vps639187 sshd\[32275\]: Failed password for root from 112.85.42.172 port 11356 ssh2 ...	2020-08-12 18:38:06
128.14.230.200	attack	Aug 12 08:14:33 hidden sshd[26393]: Failed password for hidden from 128.14.230.200 port 53514 ssh2 Aug 12 08:19:12 hidden sshd[26465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.230.200 user=root Aug 12 08:19:15 hidden sshd[26465]: Failed password for hidden from 128.14.230.200 port 36338 ssh2 Aug 12 08:23:54 hidden sshd[32978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.230.200 user=root Aug 12 08:23:56 hidden sshd[32978]: Failed password for hidden from 128.14.230.200 port 47394 ssh2	2020-08-12 18:04:55
115.84.99.25	attackspambots	Unauthorized IMAP connection attempt	2020-08-12 17:06:17
116.103.107.20	attack	2020-08-11 22:36:51.327024-0500 localhost smtpd[4103]: NOQUEUE: reject: RCPT from unknown[116.103.107.20]: 554 5.7.1 Service unavailable; Client host [116.103.107.20] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/116.103.107.20; from= to= proto=ESMTP helo=<[116.103.107.20]>	2020-08-12 18:08:00
188.128.39.113	attackbots	Aug 12 00:16:09 pixelmemory sshd[1112703]: Failed password for root from 188.128.39.113 port 32862 ssh2 Aug 12 00:20:09 pixelmemory sshd[1127616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.39.113 user=root Aug 12 00:20:10 pixelmemory sshd[1127616]: Failed password for root from 188.128.39.113 port 41470 ssh2 Aug 12 00:24:21 pixelmemory sshd[1143635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.39.113 user=root Aug 12 00:24:23 pixelmemory sshd[1143635]: Failed password for root from 188.128.39.113 port 50082 ssh2 ...	2020-08-12 17:14:08
180.76.114.141	attackspam	Aug 12 08:41:23 rush sshd[30578]: Failed password for root from 180.76.114.141 port 36940 ssh2 Aug 12 08:43:09 rush sshd[30618]: Failed password for root from 180.76.114.141 port 56168 ssh2 ...	2020-08-12 17:05:15

Recently Reported IPs

104.18.5.85	104.18.5.83	104.18.6.107	104.18.6.112
104.18.5.92	104.18.6.106	104.18.6.119	104.18.6.116
104.21.65.58	104.18.6.12	104.18.6.150	6.189.167.230
104.18.6.167	104.18.6.170	104.18.6.156	104.18.6.19
104.18.6.184	104.18.6.179	104.18.6.194	104.18.6.195