104.18.5.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.50.120	attack	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 03:15:46
104.18.54.70	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by namecheap.com with creatensend.com ? https://www.mywot.com/scorecard/creatensend.com https://www.mywot.com/scorecard/namecheap.com Or uniregistry.com with casinovips.com ? https://www.mywot.com/scorecard/casinovips.com https://www.mywot.com/scorecard/uniregistry.com And the same few hours before... By GoDaddy.com, une autre SOUS MERDE adepte d'ESCROCS commebonusmasters.com... https://www.mywot.com/scorecard/bonusmasters.com https://www.mywot.com/scorecard/godaddy.com	2020-02-20 05:28:25
104.18.53.191	attack	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 20:34:01
104.18.52.191	attackspambots	*** Phishing website that camouflaged Google. https://google-chrome.doysstv.com/?index	2020-01-04 18:36:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.5.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61103
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.5.80.			IN	A

;; AUTHORITY SECTION:
.			141	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 01:54:33 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 80.5.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.5.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.234.218.85	attack	$f2bV_matches	2020-08-03 13:17:13
115.69.223.115	attack	Port probing on unauthorized port 445	2020-08-03 12:49:32
106.13.179.45	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-03 13:11:50
217.182.79.176	attackspam	frenzy	2020-08-03 12:48:49
212.230.159.92	attackspam	Aug 3 03:42:17 UTC__SANYALnet-Labs__cac14 sshd[28189]: Connection from 212.230.159.92 port 59702 on 64.137.176.112 port 22 Aug 3 03:42:18 UTC__SANYALnet-Labs__cac14 sshd[28189]: User r.r from 212.230.159.92 not allowed because not listed in AllowUsers Aug 3 03:42:18 UTC__SANYALnet-Labs__cac14 sshd[28189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.230.159.92 user=r.r Aug 3 03:42:20 UTC__SANYALnet-Labs__cac14 sshd[28189]: Failed password for invalid user r.r from 212.230.159.92 port 59702 ssh2 Aug 3 03:42:20 UTC__SANYALnet-Labs__cac14 sshd[28189]: Received disconnect from 212.230.159.92: 11: Bye Bye [preauth] Aug 3 03:51:10 UTC__SANYALnet-Labs__cac14 sshd[28422]: Connection from 212.230.159.92 port 39968 on 64.137.176.112 port 22 Aug 3 03:51:11 UTC__SANYALnet-Labs__cac14 sshd[28422]: User r.r from 212.230.159.92 not allowed because not listed in AllowUsers Aug 3 03:51:11 UTC__SANYALnet-Labs__cac14 sshd[28422]: pam........ -------------------------------	2020-08-03 13:07:35
192.99.34.142	attackbotsspam	DIS,DEF GET /wp-login.php	2020-08-03 13:43:38
208.68.39.124	attackspam	4834/tcp 9825/tcp 9790/tcp... [2020-06-02/08-02]88pkt,32pt.(tcp)	2020-08-03 13:15:46
14.252.204.234	attackspam	1596426999 - 08/03/2020 05:56:39 Host: 14.252.204.234/14.252.204.234 Port: 445 TCP Blocked	2020-08-03 13:16:33
154.28.188.38	attacknormal	Tried to hack into NAS admin account	2020-08-03 13:29:39
106.13.188.35	attackspambots	Aug 3 04:39:24 rush sshd[22990]: Failed password for root from 106.13.188.35 port 35594 ssh2 Aug 3 04:41:55 rush sshd[23100]: Failed password for root from 106.13.188.35 port 60398 ssh2 ...	2020-08-03 13:09:18
190.12.66.27	attack	Aug 2 23:45:21 mx sshd[28508]: Failed password for root from 190.12.66.27 port 59872 ssh2	2020-08-03 12:57:40
106.75.67.48	attackspambots	Aug 3 05:50:19 abendstille sshd\[26616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.67.48 user=root Aug 3 05:50:21 abendstille sshd\[26616\]: Failed password for root from 106.75.67.48 port 34210 ssh2 Aug 3 05:53:34 abendstille sshd\[30097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.67.48 user=root Aug 3 05:53:36 abendstille sshd\[30097\]: Failed password for root from 106.75.67.48 port 55692 ssh2 Aug 3 05:56:46 abendstille sshd\[694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.67.48 user=root ...	2020-08-03 13:09:51
185.176.27.34	attackbots	Port scan on 27 port(s): 26680 26681 26682 26790 26890 26891 26998 26999 27000 27280 27281 27282 27483 27484 27485 27592 27593 27687 27795 27796 27797 27998 27999 28000 28280 28281 28282	2020-08-03 13:03:12
159.89.88.119	attackbots	Aug 3 06:44:52 piServer sshd[26300]: Failed password for root from 159.89.88.119 port 56572 ssh2 Aug 3 06:47:52 piServer sshd[26644]: Failed password for root from 159.89.88.119 port 49250 ssh2 ...	2020-08-03 13:07:55
40.72.97.22	attack	Aug 3 06:43:49 ns37 sshd[12252]: Failed password for root from 40.72.97.22 port 42888 ssh2 Aug 3 06:43:49 ns37 sshd[12252]: Failed password for root from 40.72.97.22 port 42888 ssh2	2020-08-03 13:02:18

Recently Reported IPs

104.18.5.85	104.18.5.83	104.18.6.107	104.18.6.112
104.18.5.92	104.18.6.106	104.18.6.119	104.18.6.116
104.21.65.58	104.18.6.12	104.18.6.150	6.189.167.230
104.18.6.167	104.18.6.170	104.18.6.156	104.18.6.19
104.18.6.184	104.18.6.179	104.18.6.194	104.18.6.195