JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.118.107.104

18.118.107.104 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-118-107-104.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.118.107.104

Whois 18.118.107.104

IP Abuse Reports for 18.118.107.104:

This IP address has been reported a total of 35 times from 34 distinct sources. 18.118.107.104 was first reported on June 7th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 sargetun	2026-06-08 19:50:26 (2 weeks ago)	Honeypot: Auto-ban: 24 hour idle after honeypot interaction. Auto-reported from VPS honeypot.	Brute-Force SSH Hacking
🇩🇰 jodk	2026-06-08 03:00:46 (2 weeks ago)	SSH brute-force + malware deployment (Redtail miner). 5 hits on honeypot. Uploaded clean.sh, setup.s ... show more SSH brute-force + malware deployment (Redtail miner). 5 hits on honeypot. Uploaded clean.sh, setup.sh, redtail binaries. Injected SSH backdoor key. show less	Brute-Force SSH
🇬🇧 gbzret4d	2026-06-07 20:09:57 (2 weeks ago)	Honeypot [uk-production01]: HTTP/1.1 request on 22226 GET / User-Agent: visionheight.com/scan Mozil ... show more Honeypot [uk-production01]: HTTP/1.1 request on 22226 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 22226 [2] TCP show less	Hacking Bad Web Bot
🇸🇬 anotherwatcher	2026-06-07 20:09:48 (2 weeks ago)	bad bot	Bad Web Bot
🇺🇸 Starburst SysOp Team	2026-06-07 20:07:55 (2 weeks ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-1)	Hacking Bad Web Bot
Anonymous	2026-06-07 19:56:30 (2 weeks ago)	SIEM ALERT AUTO REPORT	Email Spam
🇨🇦 Roper123	2026-06-07 19:53:50 (2 weeks ago)	Web exploits	Hacking Web App Attack
🇩🇪 guldkage	2026-06-07 19:50:27 (2 weeks ago)	Unauthorized connection attempt detected from IP address 18.118.107.104 to port 8291 (ger-03) [W]	Brute-Force Exploited Host
🇳🇱 ParaBug	2026-06-07 19:49:51 (2 weeks ago)	18.118.107.104 - - [07/Jun/2026:21:49:50 +0200] "\n" 400 432 "-" "-" ...	Phishing Brute-Force Web App Attack
🇩🇪 HoneyPot-FrPri	2026-06-07 19:49:26 (2 weeks ago)	1780861765 - 06/07/2026 21:49:25 Host: 18.118.107.104/18.118.107.104 Port: 3389 TCP Blocked ...	Port Scan
🇧🇷 somosbr	2026-06-07 19:49:24 (2 weeks ago)	[2026-06-07T19:49:24Z] Unsolicited scan from 18.118.107.104 to port 4444/tcp	Port Scan
🇵🇱 sefinek.net	2026-06-07 19:49:10 (2 weeks ago)	Honeypot hit: Unauthorized traffic (1 bytes of payload); 8087 [2] TCP Reported by: https://github.co ... show more Honeypot hit: Unauthorized traffic (1 bytes of payload); 8087 [2] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇦🇹 begou.dev	2026-06-07 19:46:11 (2 weeks ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/3389	Port Scan
🇦🇺 LiftUp Hosting	2026-06-07 19:45:55 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 8008 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macinto ... show more Honeypot hit: HTTP/1.1 request on 8008 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 8008 [4] TCP show less	Hacking Bad Web Bot
🇺🇸 sargetun	2026-06-07 19:45:32 (2 weeks ago)	Honeypot: RDP probe on port 3389 at 2026-06-07 19:41:47.295769. Automated report from VPS honeypot.	Port Scan

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.90

🇺🇸 143.198.225.197

🇳🇱 91.92.40.12

🇺🇸 2607:f8b0:4004:c25::123

🇭🇰 161.81.122.27

🇺🇸 147.185.132.63

🇺🇸 66.132.195.36

🇮🇳 52.102.196.22

🇺🇸 209.87.169.168

🇸🇬 103.189.235.176

🇱🇹 45.227.254.170

🇻🇳 203.205.37.233

🇹🇭 203.154.158.195

🇳🇱 195.178.110.228

🇫🇮 178.20.210.152

🇰🇷 121.188.193.96

🇨🇳 111.35.7.46

🇷🇴 80.94.92.120

🇺🇸 24.131.167.190

🇹🇷 213.43.32.99