104.18.70.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.18.70.149	attack	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz	2020-05-24 22:42:26
104.18.70.28	spam	AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ? From: Joka Date: Wed, 18 Mar 2020 16:46:18 +0000 Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com> live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! ! bestoffer-today.com => 1api.net bestoffer-today.com => 104.16.209.86 104.16.209.86 => cloudflare.com AS USUAL... 1api.net => 84.200.110.124 84.200.110.124 => accelerated.de live@bestoffer-today.com => 94.143.106.199 94.143.106.199 => dotmailer.com dotmailer.com => 104.18.70.28 104.18.70.28 => cloudflare.com AS USUAL... dotmailer.com send to dotdigital.com dotdigital.com => 104.19.144.113 104.19.144.113 => cloudflare.com https://www.mywot.com/scorecard/dotmailer.com https://www.mywot.com/scorecard/dotdigital.com https://www.mywot.com/scorecard/bestoffer-today.com https://www.mywot.com/scorecard/1api.net AS USUAL... https://en.asytech.cn/check-ip/104.16.209.86 https://en.asytech.cn/check-ip/84.200.110.124 https://en.asytech.cn/check-ip/94.143.106.199 https://en.asytech.cn/check-ip/104.18.70.28 https://en.asytech.cn/check-ip/104.19.144.113	2020-03-19 05:04:23
104.18.70.106	attack	siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ...	2019-10-27 17:27:20

类型

评论内容

时间

104.18.70.149

attack

"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz

2020-05-24 22:42:26

104.18.70.28

spam

AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual...
Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ?

From: Joka 
Date: Wed, 18 Mar 2020 16:46:18 +0000
Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT
Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com>

live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! !

bestoffer-today.com => 1api.net

bestoffer-today.com => 104.16.209.86

104.16.209.86 => cloudflare.com AS USUAL...

1api.net => 84.200.110.124

84.200.110.124 => accelerated.de

live@bestoffer-today.com => 94.143.106.199

94.143.106.199 => dotmailer.com

dotmailer.com => 104.18.70.28

104.18.70.28 => cloudflare.com AS USUAL...

dotmailer.com send to dotdigital.com

dotdigital.com => 104.19.144.113

104.19.144.113 => cloudflare.com

https://www.mywot.com/scorecard/dotmailer.com

https://www.mywot.com/scorecard/dotdigital.com

https://www.mywot.com/scorecard/bestoffer-today.com

https://www.mywot.com/scorecard/1api.net AS USUAL...

https://en.asytech.cn/check-ip/104.16.209.86

https://en.asytech.cn/check-ip/84.200.110.124

https://en.asytech.cn/check-ip/94.143.106.199

https://en.asytech.cn/check-ip/104.18.70.28

https://en.asytech.cn/check-ip/104.19.144.113

2020-03-19 05:04:23

104.18.70.106

attack

siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
...

2019-10-27 17:27:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.70.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.70.52.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 19:23:29 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 52.70.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.70.18.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.254.22.172	attackbots	Jul 24 23:29:40 mockhub sshd[23274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.22.172 Jul 24 23:29:42 mockhub sshd[23274]: Failed password for invalid user telkom from 51.254.22.172 port 33820 ssh2 ...	2020-07-25 16:41:57
106.13.168.43	attack	$f2bV_matches	2020-07-25 16:31:34
61.177.172.158	attackbotsspam	2020-07-25T08:38:07.470681shield sshd\[27370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root 2020-07-25T08:38:09.481950shield sshd\[27370\]: Failed password for root from 61.177.172.158 port 39274 ssh2 2020-07-25T08:38:12.756616shield sshd\[27370\]: Failed password for root from 61.177.172.158 port 39274 ssh2 2020-07-25T08:38:15.199158shield sshd\[27370\]: Failed password for root from 61.177.172.158 port 39274 ssh2 2020-07-25T08:40:11.043680shield sshd\[27695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root	2020-07-25 16:49:16
222.186.180.142	attackspam	Jul 25 10:04:04 abendstille sshd\[24582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Jul 25 10:04:07 abendstille sshd\[24582\]: Failed password for root from 222.186.180.142 port 33363 ssh2 Jul 25 10:04:14 abendstille sshd\[24626\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Jul 25 10:04:16 abendstille sshd\[24626\]: Failed password for root from 222.186.180.142 port 18073 ssh2 Jul 25 10:04:26 abendstille sshd\[24819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root ...	2020-07-25 16:15:31
190.66.50.204	attackbotsspam	Automatic report - Port Scan Attack	2020-07-25 16:37:22
42.123.126.188	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-25 16:14:33
47.17.177.110	attack	SSH brute-force attempt	2020-07-25 16:49:42
14.41.1.51	attackbotsspam	2020-07-25T05:51:13.036671amanda2.illicoweb.com sshd\[35169\]: Invalid user admin from 14.41.1.51 port 46587 2020-07-25T05:51:13.259614amanda2.illicoweb.com sshd\[35169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.41.1.51 2020-07-25T05:51:15.754475amanda2.illicoweb.com sshd\[35169\]: Failed password for invalid user admin from 14.41.1.51 port 46587 ssh2 2020-07-25T05:51:17.633213amanda2.illicoweb.com sshd\[35178\]: Invalid user admin from 14.41.1.51 port 46704 2020-07-25T05:51:17.855578amanda2.illicoweb.com sshd\[35178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.41.1.51 ...	2020-07-25 16:42:23
104.248.159.69	attackspam	$f2bV_matches	2020-07-25 16:44:48
122.51.222.42	attackbots	$f2bV_matches	2020-07-25 16:34:56
111.26.172.222	attackspam	2020-07-25T02:24:53.048965linuxbox-skyline auth[15986]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info rhost=111.26.172.222 ...	2020-07-25 16:32:34
46.229.168.130	attackbotsspam	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-07-25 16:27:08
124.160.96.249	attack	2020-07-25T09:51:15+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-25 16:16:20
5.196.4.222	attackspambots	Jul 25 03:50:45 george sshd[29775]: Failed password for invalid user ftp from 5.196.4.222 port 40020 ssh2 Jul 25 03:55:14 george sshd[30305]: Invalid user cache from 5.196.4.222 port 53960 Jul 25 03:55:14 george sshd[30305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.4.222 Jul 25 03:55:16 george sshd[30305]: Failed password for invalid user cache from 5.196.4.222 port 53960 ssh2 Jul 25 03:59:31 george sshd[31495]: Invalid user website from 5.196.4.222 port 39654 ...	2020-07-25 16:22:26
223.167.12.203	attack	Invalid user dmb from 223.167.12.203 port 35134 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.167.12.203 Invalid user dmb from 223.167.12.203 port 35134 Failed password for invalid user dmb from 223.167.12.203 port 35134 ssh2 Invalid user gs from 223.167.12.203 port 55600	2020-07-25 16:09:58

最近上报的IP列表

104.18.73.35	104.18.72.78	104.18.7.47	104.18.73.78
104.18.75.12	104.18.76.12	104.18.74.83	104.18.13.39
104.18.78.74	104.18.78.224	159.119.54.122	104.18.79.234
104.18.78.38	104.18.79.38	104.18.78.234	104.18.79.74
104.18.8.10	104.18.8.108	104.18.79.13	104.18.8.153