104.18.7.40 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.7.4	attackspam	[DoS Attack: SYN/ACK Scan] from source: 104.18.7.4, port 443, Friday, July 31, 2020 22:27:58	2020-08-01 06:05:57
104.18.70.149	attack	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz	2020-05-24 22:42:26
104.18.71.149	attack	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz	2020-05-24 22:11:41
104.18.72.149	attackspam	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz	2020-05-24 21:44:55
104.18.70.28	spam	AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ? From: Joka Date: Wed, 18 Mar 2020 16:46:18 +0000 Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com> live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! ! bestoffer-today.com => 1api.net bestoffer-today.com => 104.16.209.86 104.16.209.86 => cloudflare.com AS USUAL... 1api.net => 84.200.110.124 84.200.110.124 => accelerated.de live@bestoffer-today.com => 94.143.106.199 94.143.106.199 => dotmailer.com dotmailer.com => 104.18.70.28 104.18.70.28 => cloudflare.com AS USUAL... dotmailer.com send to dotdigital.com dotdigital.com => 104.19.144.113 104.19.144.113 => cloudflare.com https://www.mywot.com/scorecard/dotmailer.com https://www.mywot.com/scorecard/dotdigital.com https://www.mywot.com/scorecard/bestoffer-today.com https://www.mywot.com/scorecard/1api.net AS USUAL... https://en.asytech.cn/check-ip/104.16.209.86 https://en.asytech.cn/check-ip/84.200.110.124 https://en.asytech.cn/check-ip/94.143.106.199 https://en.asytech.cn/check-ip/104.18.70.28 https://en.asytech.cn/check-ip/104.19.144.113	2020-03-19 05:04:23
104.18.70.106	attack	siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ...	2019-10-27 17:27:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.7.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50932
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.7.40.			IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 19:23:26 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 40.7.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 40.7.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.69.80	attack	Aug 12 14:30:33 Ubuntu-1404-trusty-64-minimal sshd\[6829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.80 user=root Aug 12 14:30:34 Ubuntu-1404-trusty-64-minimal sshd\[6829\]: Failed password for root from 49.235.69.80 port 50990 ssh2 Aug 12 14:41:34 Ubuntu-1404-trusty-64-minimal sshd\[16308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.80 user=root Aug 12 14:41:36 Ubuntu-1404-trusty-64-minimal sshd\[16308\]: Failed password for root from 49.235.69.80 port 38664 ssh2 Aug 12 14:43:06 Ubuntu-1404-trusty-64-minimal sshd\[17077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.80 user=root	2020-08-12 21:48:12
159.203.219.38	attack	Aug 12 14:40:16 pve1 sshd[11869]: Failed password for root from 159.203.219.38 port 58215 ssh2 ...	2020-08-12 21:11:32
113.108.88.78	attackspam	Aug 12 13:56:02 rocket sshd[21311]: Failed password for root from 113.108.88.78 port 33757 ssh2 Aug 12 13:58:36 rocket sshd[21559]: Failed password for root from 113.108.88.78 port 42181 ssh2 ...	2020-08-12 21:43:55
157.245.106.153	attackbots	157.245.106.153 - - [12/Aug/2020:14:21:44 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.106.153 - - [12/Aug/2020:14:47:55 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 21:10:35
118.69.173.199	attackbotsspam	118.69.173.199 - - [12/Aug/2020:13:27:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1807 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 118.69.173.199 - - [12/Aug/2020:13:27:28 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 118.69.173.199 - - [12/Aug/2020:13:43:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2327 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 21:23:48
42.118.100.2	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-12 21:36:22
134.122.96.20	attack	Aug 12 12:39:22 jumpserver sshd[122990]: Failed password for root from 134.122.96.20 port 53842 ssh2 Aug 12 12:43:09 jumpserver sshd[123027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.96.20 user=root Aug 12 12:43:11 jumpserver sshd[123027]: Failed password for root from 134.122.96.20 port 36288 ssh2 ...	2020-08-12 21:43:02
156.96.56.226	attackspam	Brute forcing email accounts	2020-08-12 21:45:00
2a02:560:10:6::75	attackspambots	[12-Aug-2020 14:43:06 +0200]: IMAP Error: Login failed for florian@ruhnke.cloud against imap.ruhnke.cloud from 2a02:560:10:6::75(X-Real-IP: 2a02:560:10:6::75,X-Forwarded-For: 2a02:560:10:6::75). Empty startup greeting (imap.ruhnke.cloud:143) in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 200 (POST /?_task=mail&_action=refresh)	2020-08-12 21:46:26
61.185.114.130	attackspam	Aug 12 14:55:40 melroy-server sshd[7606]: Failed password for root from 61.185.114.130 port 39618 ssh2 ...	2020-08-12 21:12:57
159.89.194.160	attackbotsspam	Aug 12 12:38:26 jumpserver sshd[122980]: Failed password for root from 159.89.194.160 port 38668 ssh2 Aug 12 12:43:03 jumpserver sshd[123016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.160 user=root Aug 12 12:43:05 jumpserver sshd[123016]: Failed password for root from 159.89.194.160 port 49892 ssh2 ...	2020-08-12 21:49:29
23.95.32.138	attack	" "	2020-08-12 21:34:54
222.186.180.41	attack	Aug 12 14:18:02 rocket sshd[24418]: Failed password for root from 222.186.180.41 port 50530 ssh2 Aug 12 14:18:28 rocket sshd[24463]: Failed password for root from 222.186.180.41 port 9880 ssh2 ...	2020-08-12 21:24:17
219.137.66.228	attackspambots	Aug 11 06:21:42 mail sshd[26412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.137.66.228 user=r.r Aug 11 06:21:44 mail sshd[26412]: Failed password for r.r from 219.137.66.228 port 54746 ssh2 Aug 11 06:21:44 mail sshd[26412]: Received disconnect from 219.137.66.228 port 54746:11: Bye Bye [preauth] Aug 11 06:21:44 mail sshd[26412]: Disconnected from 219.137.66.228 port 54746 [preauth] Aug 11 06:32:40 mail sshd[26623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.137.66.228 user=r.r Aug 11 06:32:42 mail sshd[26623]: Failed password for r.r from 219.137.66.228 port 55904 ssh2 Aug 11 06:32:42 mail sshd[26623]: Received disconnect from 219.137.66.228 port 55904:11: Bye Bye [preauth] Aug 11 06:32:42 mail sshd[26623]: Disconnected from 219.137.66.228 port 55904 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=219.137.66.228	2020-08-12 21:31:25
46.161.53.8	attack	DATE:2020-08-12 14:43:18, IP:46.161.53.8, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-08-12 21:34:29

Recently Reported IPs

104.18.7.248	104.18.7.236	104.18.7.34	104.18.7.44
104.18.7.244	104.18.7.36	104.18.7.38	104.18.7.48
104.18.7.9	104.18.13.36	104.18.7.73	104.18.72.35
104.18.7.72	104.18.73.35	104.18.70.52	104.18.72.78
104.18.7.47	104.18.73.78	104.18.75.12	104.18.76.12