City: Ashburn
Region: Virginia
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 18.32.0.0 - 18.255.255.255
CIDR: 18.128.0.0/9, 18.64.0.0/10, 18.32.0.0/11
NetName: AT-88-Z
NetHandle: NET-18-32-0-0-1
Parent: NET18 (NET-18-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 2019-10-07
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/18.32.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2024-01-24
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.212.80.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10891
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;18.212.80.6. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025092201 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 23 02:00:13 CST 2025
;; MSG SIZE rcvd: 1046.80.212.18.in-addr.arpa domain name pointer ec2-18-212-80-6.compute-1.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
6.80.212.18.in-addr.arpa name = ec2-18-212-80-6.compute-1.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 123.149.211.50 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 02-04-2020 13:40:10. |
2020-04-03 04:43:30 |
| 208.100.26.241 | attackbotsspam | Apr 2 22:05:40 debian-2gb-nbg1-2 kernel: \[8116982.517456\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=208.100.26.241 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=53129 PROTO=TCP SPT=50375 DPT=5985 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-03 04:34:26 |
| 122.224.19.41 | attackspam | firewall-block, port(s): 445/tcp |
2020-04-03 04:44:00 |
| 64.20.35.166 | attack | 2020-04-02T13:42:16.512080abusebot-2.cloudsearch.cf sshd[22145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.20.35.166 user=root 2020-04-02T13:42:17.926462abusebot-2.cloudsearch.cf sshd[22145]: Failed password for root from 64.20.35.166 port 46718 ssh2 2020-04-02T13:42:18.700454abusebot-2.cloudsearch.cf sshd[22149]: Invalid user admin from 64.20.35.166 port 48876 2020-04-02T13:42:18.706853abusebot-2.cloudsearch.cf sshd[22149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.20.35.166 2020-04-02T13:42:18.700454abusebot-2.cloudsearch.cf sshd[22149]: Invalid user admin from 64.20.35.166 port 48876 2020-04-02T13:42:20.397037abusebot-2.cloudsearch.cf sshd[22149]: Failed password for invalid user admin from 64.20.35.166 port 48876 ssh2 2020-04-02T13:42:21.087545abusebot-2.cloudsearch.cf sshd[22153]: Invalid user admin from 64.20.35.166 port 51354 ... |
2020-04-03 04:11:37 |
| 54.37.232.108 | attackspambots | Invalid user admin from 54.37.232.108 port 34904 |
2020-04-03 04:46:02 |
| 140.143.56.61 | attackspambots | Apr 2 16:52:26 *** sshd[13104]: Invalid user user from 140.143.56.61 |
2020-04-03 04:34:44 |
| 193.252.189.177 | attack | Invalid user qka from 193.252.189.177 port 53034 |
2020-04-03 04:24:24 |
| 102.23.243.199 | attack | Automatic report - Port Scan Attack |
2020-04-03 04:13:20 |
| 137.74.119.50 | attackbots | Invalid user test from 137.74.119.50 port 37124 |
2020-04-03 04:38:46 |
| 140.249.22.238 | attackbots | 20 attempts against mh-ssh on cloud |
2020-04-03 04:28:28 |
| 208.68.39.124 | attackspam | Apr 2 14:14:55 NPSTNNYC01T sshd[3337]: Failed password for root from 208.68.39.124 port 46168 ssh2 Apr 2 14:20:02 NPSTNNYC01T sshd[3693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.68.39.124 Apr 2 14:20:04 NPSTNNYC01T sshd[3693]: Failed password for invalid user admin from 208.68.39.124 port 59620 ssh2 ... |
2020-04-03 04:11:53 |
| 167.71.222.137 | attackbotsspam | Telnet Server BruteForce Attack |
2020-04-03 04:09:58 |
| 128.199.206.170 | attackbotsspam | 2020-04-02T13:12:10.735987linuxbox-skyline sshd[4441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.206.170 user=root 2020-04-02T13:12:12.524788linuxbox-skyline sshd[4441]: Failed password for root from 128.199.206.170 port 36016 ssh2 ... |
2020-04-03 04:06:56 |
| 192.241.239.66 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2020-04-03 04:35:06 |
| 167.114.203.73 | attack | Invalid user ni from 167.114.203.73 port 42992 |
2020-04-03 04:35:26 |