104.18.70.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.18.70.149	attack	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz	2020-05-24 22:42:26
104.18.70.28	spam	AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ? From: Joka Date: Wed, 18 Mar 2020 16:46:18 +0000 Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com> live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! ! bestoffer-today.com => 1api.net bestoffer-today.com => 104.16.209.86 104.16.209.86 => cloudflare.com AS USUAL... 1api.net => 84.200.110.124 84.200.110.124 => accelerated.de live@bestoffer-today.com => 94.143.106.199 94.143.106.199 => dotmailer.com dotmailer.com => 104.18.70.28 104.18.70.28 => cloudflare.com AS USUAL... dotmailer.com send to dotdigital.com dotdigital.com => 104.19.144.113 104.19.144.113 => cloudflare.com https://www.mywot.com/scorecard/dotmailer.com https://www.mywot.com/scorecard/dotdigital.com https://www.mywot.com/scorecard/bestoffer-today.com https://www.mywot.com/scorecard/1api.net AS USUAL... https://en.asytech.cn/check-ip/104.16.209.86 https://en.asytech.cn/check-ip/84.200.110.124 https://en.asytech.cn/check-ip/94.143.106.199 https://en.asytech.cn/check-ip/104.18.70.28 https://en.asytech.cn/check-ip/104.19.144.113	2020-03-19 05:04:23
104.18.70.106	attack	siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ...	2019-10-27 17:27:20

Type

Details

Datetime

104.18.70.149

attack

"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz

2020-05-24 22:42:26

104.18.70.28

spam

AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual...
Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ?

From: Joka 
Date: Wed, 18 Mar 2020 16:46:18 +0000
Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT
Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com>

live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! !

bestoffer-today.com => 1api.net

bestoffer-today.com => 104.16.209.86

104.16.209.86 => cloudflare.com AS USUAL...

1api.net => 84.200.110.124

84.200.110.124 => accelerated.de

live@bestoffer-today.com => 94.143.106.199

94.143.106.199 => dotmailer.com

dotmailer.com => 104.18.70.28

104.18.70.28 => cloudflare.com AS USUAL...

dotmailer.com send to dotdigital.com

dotdigital.com => 104.19.144.113

104.19.144.113 => cloudflare.com

https://www.mywot.com/scorecard/dotmailer.com

https://www.mywot.com/scorecard/dotdigital.com

https://www.mywot.com/scorecard/bestoffer-today.com

https://www.mywot.com/scorecard/1api.net AS USUAL...

https://en.asytech.cn/check-ip/104.16.209.86

https://en.asytech.cn/check-ip/84.200.110.124

https://en.asytech.cn/check-ip/94.143.106.199

https://en.asytech.cn/check-ip/104.18.70.28

https://en.asytech.cn/check-ip/104.19.144.113

2020-03-19 05:04:23

104.18.70.106

attack

siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
...

2019-10-27 17:27:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.70.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49404
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.70.91.			IN	A

;; AUTHORITY SECTION:
.			10	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 18:48:16 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 91.70.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 91.70.18.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.178.16.172	attack	Automatic report BANNED IP	2020-05-10 18:01:30
159.203.123.99	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-05-10 17:46:26
159.89.197.1	attackbots	Unauthorized SSH login attempts	2020-05-10 17:52:03
51.178.24.61	attackspambots	May 10 09:59:55 xeon sshd[35886]: Failed password for invalid user deploy from 51.178.24.61 port 40052 ssh2	2020-05-10 17:31:24
139.199.30.155	attackspambots	May 10 07:57:06 [host] sshd[20960]: Invalid user o May 10 07:57:06 [host] sshd[20960]: pam_unix(sshd: May 10 07:57:08 [host] sshd[20960]: Failed passwor	2020-05-10 18:09:02
128.199.142.138	attack	May 10 05:48:38 NPSTNNYC01T sshd[23287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 May 10 05:48:40 NPSTNNYC01T sshd[23287]: Failed password for invalid user canada from 128.199.142.138 port 57088 ssh2 May 10 05:50:39 NPSTNNYC01T sshd[23434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 ...	2020-05-10 18:06:13
46.238.200.43	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 46.238.200.43 (PL/Poland/static-46-238-200-43.intkomp.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-10 08:19:40 plain authenticator failed for static-46-238-200-43.intkomp.net [46.238.200.43]: 535 Incorrect authentication data (set_id=job)	2020-05-10 17:38:50
129.211.26.12	attack	May 10 08:07:30 home sshd[8501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.26.12 May 10 08:07:32 home sshd[8501]: Failed password for invalid user persimmon from 129.211.26.12 port 55952 ssh2 May 10 08:11:50 home sshd[9149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.26.12 ...	2020-05-10 17:45:37
186.146.1.122	attack	May 9 22:30:08 web1 sshd\[17244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.146.1.122 user=root May 9 22:30:10 web1 sshd\[17244\]: Failed password for root from 186.146.1.122 port 38726 ssh2 May 9 22:34:25 web1 sshd\[17622\]: Invalid user boc from 186.146.1.122 May 9 22:34:25 web1 sshd\[17622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.146.1.122 May 9 22:34:28 web1 sshd\[17622\]: Failed password for invalid user boc from 186.146.1.122 port 47570 ssh2	2020-05-10 18:10:46
114.242.139.19	attack	Bruteforce detected by fail2ban	2020-05-10 17:48:15
203.90.233.7	attackbots	2020-05-10T04:13:46.8495451495-001 sshd[10859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.90.233.7 user=root 2020-05-10T04:13:48.6018861495-001 sshd[10859]: Failed password for root from 203.90.233.7 port 30755 ssh2 2020-05-10T04:17:09.7966991495-001 sshd[10969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.90.233.7 user=root 2020-05-10T04:17:11.4181131495-001 sshd[10969]: Failed password for root from 203.90.233.7 port 59120 ssh2 2020-05-10T04:20:32.1756141495-001 sshd[11066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.90.233.7 user=root 2020-05-10T04:20:33.9979791495-001 sshd[11066]: Failed password for root from 203.90.233.7 port 22973 ssh2 ...	2020-05-10 18:02:19
128.199.254.23	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-05-10 18:11:05
43.226.153.29	attackbots	20 attempts against mh-ssh on install-test	2020-05-10 17:57:12
103.91.77.19	attackbots	$f2bV_matches	2020-05-10 17:40:51
185.176.27.34	attack	05/10/2020-05:30:17.290196 185.176.27.34 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-10 17:36:34

Recently Reported IPs

104.18.7.76	104.18.73.72	9.201.12.224	104.18.74.72
104.18.75.13	104.18.76.13	104.18.77.17	104.18.78.17
104.18.8.110	104.18.8.140	180.149.125.175	104.18.8.160
104.18.8.18	104.18.8.195	104.18.8.201	104.18.8.27
104.18.8.50	104.18.8.9	104.18.8.98	104.18.9.110