18.64.0.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.64.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33382
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;18.64.0.1.			IN	A

;; AUTHORITY SECTION:
.			386	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020600 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 06 20:34:15 CST 2022
;; MSG SIZE  rcvd: 102

Host info

1.0.64.18.in-addr.arpa domain name pointer server-18-64-0-1.icn57.r.cloudfront.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.0.64.18.in-addr.arpa	name = server-18-64-0-1.icn57.r.cloudfront.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
219.85.184.9	attackbotsspam	Port probing on unauthorized port 23	2020-08-08 20:37:12
209.97.177.73	attackbotsspam	209.97.177.73 - - [08/Aug/2020:13:17:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2178 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.177.73 - - [08/Aug/2020:13:17:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2177 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.177.73 - - [08/Aug/2020:13:17:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-08 20:50:23
150.129.8.24	attackbotsspam	xmlrpc attack	2020-08-08 20:55:32
120.210.134.49	attack	Aug 8 05:34:03 dignus sshd[24085]: Failed password for root from 120.210.134.49 port 60256 ssh2 Aug 8 05:36:22 dignus sshd[24370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.210.134.49 user=root Aug 8 05:36:24 dignus sshd[24370]: Failed password for root from 120.210.134.49 port 59832 ssh2 Aug 8 05:38:45 dignus sshd[24648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.210.134.49 user=root Aug 8 05:38:47 dignus sshd[24648]: Failed password for root from 120.210.134.49 port 59450 ssh2 ...	2020-08-08 20:59:27
106.54.128.79	attackspambots	Aug 8 14:11:37 abendstille sshd\[21454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.128.79 user=root Aug 8 14:11:38 abendstille sshd\[21454\]: Failed password for root from 106.54.128.79 port 35414 ssh2 Aug 8 14:14:38 abendstille sshd\[24103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.128.79 user=root Aug 8 14:14:41 abendstille sshd\[24103\]: Failed password for root from 106.54.128.79 port 38026 ssh2 Aug 8 14:17:35 abendstille sshd\[26984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.128.79 user=root ...	2020-08-08 20:54:47
145.239.11.166	attack	[2020-08-08 08:17:11] NOTICE[1248][C-00004d77] chan_sip.c: Call from '' (145.239.11.166:36046) to extension '00447441399590' rejected because extension not found in context 'public'. [2020-08-08 08:17:11] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-08T08:17:11.083-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00447441399590",SessionID="0x7f27204f0348",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/145.239.11.166/5060",ACLName="no_extension_match" [2020-08-08 08:17:53] NOTICE[1248][C-00004d79] chan_sip.c: Call from '' (145.239.11.166:26764) to extension '00447441399590' rejected because extension not found in context 'public'. [2020-08-08 08:17:53] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-08T08:17:53.292-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00447441399590",SessionID="0x7f27204f0348",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/14 ...	2020-08-08 20:38:28
88.129.250.205	attackbotsspam	SSH break in attempt ...	2020-08-08 20:30:49
45.84.196.70	attackspam	2020-08-08T14:17:57+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-08-08 20:35:12
134.209.236.191	attackspambots	2020-08-08 14:24:13,766 fail2ban.actions: WARNING [ssh] Ban 134.209.236.191	2020-08-08 20:26:40
162.158.78.109	attack	Aug 8 14:17:50 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.78.109 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=59 ID=56748 DF PROTO=TCP SPT=56132 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 8 14:17:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.78.109 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=59 ID=56749 DF PROTO=TCP SPT=56132 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 8 14:17:53 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.78.109 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=59 ID=56750 DF PROTO=TCP SPT=56132 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0	2020-08-08 20:38:02
176.212.112.32	attackbotsspam	Aug 8 09:58:45 firewall sshd[32416]: Failed password for root from 176.212.112.32 port 43101 ssh2 Aug 8 10:02:51 firewall sshd[32526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.212.112.32 user=root Aug 8 10:02:53 firewall sshd[32526]: Failed password for root from 176.212.112.32 port 48241 ssh2 ...	2020-08-08 21:04:56
95.221.21.225	attack	Aug 8 14:17:40 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=95.221.21.225 DST=173.212.244.83 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=20746 PROTO=UDP SPT=60731 DPT=1024 LEN=28 Aug 8 14:17:43 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=95.221.21.225 DST=173.212.244.83 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=20747 PROTO=UDP SPT=60731 DPT=1024 LEN=28 Aug 8 14:17:43 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=95.221.21.225 DST=173.212.244.83 LEN=132 TOS=0x00 PREC=0x00 TTL=122 ID=20748 PROTO=UDP SPT=60731 DPT=1024 LEN=112 Aug 8 14:17:45 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=95.221.21.225 DST=173.212.244.83 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=20749 DF PROTO=TCP SPT=53016 DPT=1024 WINDOW=64240 RES=0x00 SYN URGP=0 Aug 8 14:17:46 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23 ...	2020-08-08 20:43:33
220.168.206.6	attackbotsspam	Attempted Brute Force (dovecot)	2020-08-08 20:58:02
201.231.172.33	attack	Aug 8 14:05:41 server sshd[30191]: Failed password for root from 201.231.172.33 port 30529 ssh2 Aug 8 14:11:07 server sshd[4578]: Failed password for root from 201.231.172.33 port 53345 ssh2 Aug 8 14:17:47 server sshd[12443]: Failed password for root from 201.231.172.33 port 21282 ssh2	2020-08-08 20:42:49
202.71.25.10	attack	Unauthorised access (Aug 8) SRC=202.71.25.10 LEN=52 TTL=108 ID=1574 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Aug 7) SRC=202.71.25.10 LEN=52 TTL=111 ID=27988 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-08 20:27:25

Recently Reported IPs

125.224.211.246	174.211.147.92	90.251.81.172	25.117.201.149
12.136.209.127	80.98.208.216	237.104.228.107	252.56.85.136
182.46.10.186	113.151.122.41	174.242.33.8	92.73.49.182
111.94.231.127	5.42.110.66	46.147.255.13	67.123.209.25
135.24.120.226	13.105.193.111	197.11.133.91	51.104.71.97