104.18.70.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.18.70.149	attack	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz	2020-05-24 22:42:26
104.18.70.28	spam	AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual... Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ? From: Joka Date: Wed, 18 Mar 2020 16:46:18 +0000 Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com> live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! ! bestoffer-today.com => 1api.net bestoffer-today.com => 104.16.209.86 104.16.209.86 => cloudflare.com AS USUAL... 1api.net => 84.200.110.124 84.200.110.124 => accelerated.de live@bestoffer-today.com => 94.143.106.199 94.143.106.199 => dotmailer.com dotmailer.com => 104.18.70.28 104.18.70.28 => cloudflare.com AS USUAL... dotmailer.com send to dotdigital.com dotdigital.com => 104.19.144.113 104.19.144.113 => cloudflare.com https://www.mywot.com/scorecard/dotmailer.com https://www.mywot.com/scorecard/dotdigital.com https://www.mywot.com/scorecard/bestoffer-today.com https://www.mywot.com/scorecard/1api.net AS USUAL... https://en.asytech.cn/check-ip/104.16.209.86 https://en.asytech.cn/check-ip/84.200.110.124 https://en.asytech.cn/check-ip/94.143.106.199 https://en.asytech.cn/check-ip/104.18.70.28 https://en.asytech.cn/check-ip/104.19.144.113	2020-03-19 05:04:23
104.18.70.106	attack	siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ...	2019-10-27 17:27:20

类型

评论内容

时间

104.18.70.149

attack

"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www1.innovationaltech.xyz

2020-05-24 22:42:26

104.18.70.28

spam

AGAIN and AGAIN and ALWAYS the same REGISTRAR as 1api.net TO STOP IMMEDIATELY for keeping SPAMMERS, LIERS, ROBERS and else since too many years ! The cheapest service, as usual...
Dossier transmis aux autorités Européennes et Françaises pour CONDAMNATION à 750 € par POURRIEL émis les SOUS MERDES, OK ?

From: Joka 
Date: Wed, 18 Mar 2020 16:46:18 +0000
Subject: LE CASINO JOKA. =?utf-8?b?T8OZ?= LES FORTUNES SE PROFILENT
Message-Id: <4WMA.BA1D.F33KVOH670.20200318164618859@bestoffer-today.com>

live@bestoffer-today.com which send to « https://bestoffer-today.com/4WMA-BA1D-F33KVOH670/uauto.aspx » to BURN / CLOSE / DELETTE / STOP IMMEDIATELY for SPAM, PHISHING and SCAM on STOLLEN List ! ! !

bestoffer-today.com => 1api.net

bestoffer-today.com => 104.16.209.86

104.16.209.86 => cloudflare.com AS USUAL...

1api.net => 84.200.110.124

84.200.110.124 => accelerated.de

live@bestoffer-today.com => 94.143.106.199

94.143.106.199 => dotmailer.com

dotmailer.com => 104.18.70.28

104.18.70.28 => cloudflare.com AS USUAL...

dotmailer.com send to dotdigital.com

dotdigital.com => 104.19.144.113

104.19.144.113 => cloudflare.com

https://www.mywot.com/scorecard/dotmailer.com

https://www.mywot.com/scorecard/dotdigital.com

https://www.mywot.com/scorecard/bestoffer-today.com

https://www.mywot.com/scorecard/1api.net AS USUAL...

https://en.asytech.cn/check-ip/104.16.209.86

https://en.asytech.cn/check-ip/84.200.110.124

https://en.asytech.cn/check-ip/94.143.106.199

https://en.asytech.cn/check-ip/104.18.70.28

https://en.asytech.cn/check-ip/104.19.144.113

2020-03-19 05:04:23

104.18.70.106

attack

siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:48 +0100\] "GET /robots.txt HTTP/1.1" 200 4578 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:49 +0100\] "GET /galerie/villa-bunterkund.html HTTP/1.1" 200 10713 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
siteaudit.crawler.semrush.com - - \[27/Oct/2019:04:48:55 +0100\] "GET / HTTP/1.1" 200 9534 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)"
...

2019-10-27 17:27:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.18.70.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.18.70.52.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 19:23:29 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 52.70.18.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.70.18.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
138.117.162.86	attack	Nov 9 11:39:32 pornomens sshd\[5007\]: Invalid user jzapata from 138.117.162.86 port 34625 Nov 9 11:39:32 pornomens sshd\[5007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.117.162.86 Nov 9 11:39:34 pornomens sshd\[5007\]: Failed password for invalid user jzapata from 138.117.162.86 port 34625 ssh2 ...	2019-11-09 19:08:21
185.143.223.81	attack	Nov 9 10:38:25 h2177944 kernel: \[6167894.312776\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=83 PROTO=TCP SPT=53588 DPT=58806 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 10:40:08 h2177944 kernel: \[6167997.379988\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=9957 PROTO=TCP SPT=53588 DPT=23286 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 10:46:40 h2177944 kernel: \[6168389.242104\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=12127 PROTO=TCP SPT=53588 DPT=48820 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 10:49:33 h2177944 kernel: \[6168562.360624\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=20123 PROTO=TCP SPT=53588 DPT=34079 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 10:51:07 h2177944 kernel: \[6168655.798297\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.	2019-11-09 19:07:39
192.162.70.66	attackbots	Nov 9 11:51:45 sd-53420 sshd\[16988\]: User root from 192.162.70.66 not allowed because none of user's groups are listed in AllowGroups Nov 9 11:51:45 sd-53420 sshd\[16988\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.162.70.66 user=root Nov 9 11:51:47 sd-53420 sshd\[16988\]: Failed password for invalid user root from 192.162.70.66 port 34158 ssh2 Nov 9 11:56:06 sd-53420 sshd\[18308\]: Invalid user tq from 192.162.70.66 Nov 9 11:56:06 sd-53420 sshd\[18308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.162.70.66 ...	2019-11-09 18:56:37
222.186.169.192	attackbots	Nov 9 11:07:03 localhost sshd\[17144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192 user=root Nov 9 11:07:05 localhost sshd\[17144\]: Failed password for root from 222.186.169.192 port 39498 ssh2 Nov 9 11:07:08 localhost sshd\[17144\]: Failed password for root from 222.186.169.192 port 39498 ssh2 ...	2019-11-09 19:09:39
148.70.4.242	attackspambots	2019-11-09T08:37:12.930308abusebot-2.cloudsearch.cf sshd\[12598\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 user=root	2019-11-09 18:52:16
160.153.154.23	attack	Automatic report - XMLRPC Attack	2019-11-09 18:56:01
177.86.173.220	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/177.86.173.220/ BR - 1H : (169) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN52573 IP : 177.86.173.220 CIDR : 177.86.173.0/24 PREFIX COUNT : 31 UNIQUE IP COUNT : 8192 ATTACKS DETECTED ASN52573 : 1H - 3 3H - 6 6H - 6 12H - 6 24H - 6 DateTime : 2019-11-09 07:23:47 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-09 18:51:19
106.38.62.126	attackspambots	Nov 9 11:34:37 [host] sshd[12890]: Invalid user dsaewq from 106.38.62.126 Nov 9 11:34:37 [host] sshd[12890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.62.126 Nov 9 11:34:39 [host] sshd[12890]: Failed password for invalid user dsaewq from 106.38.62.126 port 9275 ssh2	2019-11-09 18:47:44
121.121.77.16	attackbots	RDP Bruteforce	2019-11-09 19:19:37
128.199.67.66	attack	Nov 9 09:03:52 xxxxxxx7446550 sshd[29644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.67.66 user=r.r Nov 9 09:03:53 xxxxxxx7446550 sshd[29644]: Failed password for r.r from 128.199.67.66 port 34458 ssh2 Nov 9 09:03:53 xxxxxxx7446550 sshd[29645]: Received disconnect from 128.199.67.66: 11: Bye Bye Nov 9 09:30:35 xxxxxxx7446550 sshd[3522]: Invalid user splunk from 128.199.67.66 Nov 9 09:30:35 xxxxxxx7446550 sshd[3522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.67.66 Nov 9 09:30:38 xxxxxxx7446550 sshd[3522]: Failed password for invalid user splunk from 128.199.67.66 port 43858 ssh2 Nov 9 09:30:38 xxxxxxx7446550 sshd[3523]: Received disconnect from 128.199.67.66: 11: Bye Bye Nov 9 09:34:24 xxxxxxx7446550 sshd[4341]: Invalid user i from 128.199.67.66 Nov 9 09:34:24 xxxxxxx7446550 sshd[4341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ -------------------------------	2019-11-09 19:00:49
95.90.180.177	attackbotsspam	Nov 9 07:20:24 mxgate1 postfix/postscreen[27578]: CONNECT from [95.90.180.177]:14127 to [176.31.12.44]:25 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27583]: addr 95.90.180.177 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27583]: addr 95.90.180.177 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27583]: addr 95.90.180.177 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27692]: addr 95.90.180.177 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27582]: addr 95.90.180.177 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27579]: addr 95.90.180.177 listed by domain bl.spamcop.net as 127.0.0.2 Nov 9 07:20:24 mxgate1 postfix/dnsblog[27580]: addr 95.90.180.177 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 9 07:20:30 mxgate1 postfix/postscreen[27578]: DNSBL rank 6 for [95......... -------------------------------	2019-11-09 18:39:44
46.101.105.147	attackbotsspam	Nov 9 09:10:38 meumeu sshd[5249]: Failed password for root from 46.101.105.147 port 42840 ssh2 Nov 9 09:14:31 meumeu sshd[5671]: Failed password for root from 46.101.105.147 port 54250 ssh2 Nov 9 09:18:27 meumeu sshd[6186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.105.147 ...	2019-11-09 18:46:30
192.254.74.90	attackbots	Automatic report - XMLRPC Attack	2019-11-09 18:58:46
140.143.134.86	attackspam	2019-11-09T09:40:12.917645tmaserv sshd\[25177\]: Failed password for invalid user www-data from 140.143.134.86 port 34305 ssh2 2019-11-09T10:41:08.269084tmaserv sshd\[28097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.134.86 user=root 2019-11-09T10:41:10.392669tmaserv sshd\[28097\]: Failed password for root from 140.143.134.86 port 45892 ssh2 2019-11-09T10:46:29.983797tmaserv sshd\[28309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.134.86 user=root 2019-11-09T10:46:31.840664tmaserv sshd\[28309\]: Failed password for root from 140.143.134.86 port 36669 ssh2 2019-11-09T10:51:57.052711tmaserv sshd\[28542\]: Invalid user 002 from 140.143.134.86 port 55689 ...	2019-11-09 19:10:56
222.186.173.201	attackbotsspam	DATE:2019-11-09 11:49:14, IP:222.186.173.201, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc-bis)	2019-11-09 19:14:14

最近上报的IP列表

104.18.73.35	104.18.72.78	104.18.7.47	104.18.73.78
104.18.75.12	104.18.76.12	104.18.74.83	104.18.13.39
104.18.78.74	104.18.78.224	159.119.54.122	104.18.79.234
104.18.78.38	104.18.79.38	104.18.78.234	104.18.79.74
104.18.8.10	104.18.8.108	104.18.79.13	104.18.8.153