JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.118.22.22

18.118.22.22 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-118-22-22.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.118.22.22

Whois 18.118.22.22

IP Abuse Reports for 18.118.22.22:

This IP address has been reported a total of 55 times from 46 distinct sources. 18.118.22.22 was first reported on February 26th 2026, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 SOC [GOLINE SA]	2026-06-05 14:24:55 (22 hours ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 18.118.22.22 (IPv4) \| Port: N/A \| Country: United States \| ISP: AT-88-Z \| rDNS: ec2-18-118-22-22.us-east-2.compute.amazonaws.com === TARGET === Host: lg.goline.ch \| IP: lg.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-06-05 16:24:54 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇨🇭 SOC [GOLINE SA]	2026-06-05 10:55:50 (1 day ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 18.118.22.22 (IPv4) \| Port: N/A \| Country: United States \| ISP: AT-88-Z \| rDNS: ec2-18-118-22-22.us-east-2.compute.amazonaws.com === TARGET === Host: lg.goline.ch \| IP: lg.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-06-05 12:55:49 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇨🇭 SOC [GOLINE SA]	2026-06-05 10:28:07 (1 day ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 18.118.22.22 (IPv4) \| Port: N/A \| Country: United States \| ISP: Unknown \| rDNS: None === TARGET === Host: lg.goline.ch \| IP: lg.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-06-05 12:27:53 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇨🇭 SOC [GOLINE SA]	2026-06-05 10:11:59 (1 day ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 18.118.22.22 (IPv4) \| Port: N/A \| Country: United States \| ISP: Unknown \| rDNS: None === TARGET === Host: lg.goline.ch \| IP: lg.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-06-05 12:11:46 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇨🇭 SOC [GOLINE SA]	2026-06-05 09:56:51 (1 day ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 18.118.22.22 (IPv4) \| Port: N/A \| Country: United States \| ISP: Unknown \| rDNS: None === TARGET === Host: lg.goline.ch \| IP: lg.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-06-05 11:56:37 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇩🇪 IP Analyzer	2026-06-05 03:30:02 (1 day ago)	Unauthorized connection attempt from IP address 18.118.22.22 on Port 143(IMAP)	Port Scan
🇦🇺 LiftUp Hosting	2026-06-05 03:15:55 (1 day ago)	Honeypot hit: HTTP/1.1 request on 9300 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macinto ... show more Honeypot hit: HTTP/1.1 request on 9300 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 9300 [4] TCP show less	Hacking Bad Web Bot
🇬🇧 Hobby Bob	2026-06-05 03:12:34 (1 day ago)	Jun 5 04:12:34 mail dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 1 secs ... show more Jun 5 04:12:34 mail dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 1 secs): user=, rip=18.118.22.22, lip=X.X.X.X session= show less	Port Scan Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-05 03:10:59 (1 day ago)	Honeypot hit: HTTP/1.1 request on 9300 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macinto ... show more Honeypot hit: HTTP/1.1 request on 9300 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 9300 [2] TCP show less	Web App Attack
Anonymous	2026-06-05 03:10:48 (1 day ago)	Heralding honeypot: imap on port 143	Brute-Force
🇩🇪 Justin F. \| AS204464	2026-06-05 03:10:43 (1 day ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 58000 [3], 8093 [1] TCP Rep ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 58000 [3], 8093 [1] TCP Reported by: Justin F. show less	Port Scan
🇩🇪 excill	2026-06-05 03:10:29 (1 day ago)	Honeypot mesh observed 703 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇯🇵 HeliJP	2026-06-05 03:10:01 (1 day ago)	Unauthorized connection attempt from IP address 18.118.22.22 on port 995	Port Scan Brute-Force
Anonymous	2026-06-05 03:06:35 (1 day ago)	SIEM ALERT AUTO REPORT	Email Spam
🇩🇪 BULLSEYE	2026-06-05 03:02:32 (1 day ago)	Automated IMAP security detection from MailEnable logs. Observed patterns: LOGIN fails=0, AUTHENTICA ... show more Automated IMAP security detection from MailEnable logs. Observed patterns: LOGIN fails=0, AUTHENTICATE fails=0, Scanner/Probe=6; Score=12 (weights: login=2, auth=2, scan=2). Top: SCAN:UNKN_CMD=4, SCAN:HTTP_PROBE=1, SCAN:EMPTY_UNKN=1 (possible service probing/scanning). Traffic characteristics strongly indicate automated malicious activity against IMAP. show less	Port Scan Brute-Force

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 88.198.25.181

🇵🇱 87.251.64.158

🇮🇩 43.129.44.66

🇬🇧 31.14.254.7

🇲🇽 187.161.117.21

🇬🇧 185.216.145.189

🇺🇸 162.216.150.14

🇨🇳 113.195.163.224

🇮🇳 103.54.101.248

🇷🇺 94.51.65.135

🇸🇪 83.191.181.23

🇱🇹 81.30.98.62

🇮🇳 203.145.143.163

🇿🇦 197.101.198.70

🇬🇧 185.216.145.172

🇩🇿 154.241.143.5

🇨🇭 104.244.74.201

🇲🇦 81.192.46.45

🇺🇸 74.207.137.176

🇺🇸 44.201.153.18