JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.119.125.155

18.119.125.155 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 62%: ?

62%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-119-125-155.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.119.125.155

Whois 18.119.125.155

IP Abuse Reports for 18.119.125.155:

This IP address has been reported a total of 31 times from 16 distinct sources. 18.119.125.155 was first reported on January 1st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 TheCoon	2026-06-07 03:00:02 (2 weeks ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-06 12:21:03 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:20:55.815745 2026] [security2:error] [pid 29258:tid 29258] [client 18.119.125.155:45632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "callalbany.com"] [uri "/.env"] [unique_id "aiQQp27SiJR_Mng2H1xVNAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 05:53:32 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 01:53:27.848254 2026] [security2:error] [pid 19711:tid 19711] [client 18.119.125.155:49800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bradjohnsonqh.com"] [uri "/.env"] [unique_id "aiO11-TXLnIeULxl27lx4AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-06 02:54:17 (2 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-06 02:42:54 (2 weeks ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇮🇹 ciccio diddo	2026-06-05 21:31:22 (2 weeks ago)	CMS/WP Exploit multiple 404 port:Tcp/80,443	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:12:54 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:12:46.901931 2026] [security2:error] [pid 2774:tid 2774] [client 18.119.125.155:37942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beetreelabs.com"] [uri "/.env"] [unique_id "aiKvLk_LBuVd5bVgP3_M8AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 10:22:04 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 06:21:55.858977 2026] [security2:error] [pid 7692:tid 7692] [client 18.119.125.155:49112] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beautifulnoise.com"] [uri "/.env"] [unique_id "aiKjQ1GFdP5jvi78diwjiQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 07:24:58 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 03:24:55.358697 2026] [security2:error] [pid 14987:tid 14987] [client 18.119.125.155:56130] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barriebrown.com"] [uri "/.env"] [unique_id "aiJ5x3yxKf9hGEX0L-IyVAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Matthew Ping	2026-06-05 07:15:02 (2 weeks ago)	ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
Anonymous	2026-06-05 05:05:19 (2 weeks ago)	Blocked: Reason='Suspicious traffic score=75 (review-based detection)'; Requests=4	Hacking
🇩🇪 Bedios GmbH	2026-06-05 03:27:09 (2 weeks ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-06-05 02:47:11 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 22:47:03.422604 2026] [security2:error] [pid 22592:tid 22592] [client 18.119.125.155:47398] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "badfoodlawsuit.com"] [uri "/.env"] [unique_id "aiI4px9BfcbsGKTiXFU5iwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 01:17:13 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 21:17:05.966537 2026] [security2:error] [pid 24388:tid 24388] [client 18.119.125.155:49234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "azpinklimos.com"] [uri "/.env"] [unique_id "aiIjkTzufFtr1MdZHlKxCwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 00:06:47 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.co ... show more (mod_security) mod_security (id:210492) triggered by 18.119.125.155 (ec2-18-119-125-155.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 20:06:42.210168 2026] [security2:error] [pid 23126:tid 23126] [client 18.119.125.155:53690] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "awakenings.info"] [uri "/.env"] [unique_id "aiITEnwYFdmkrfozE6l0igAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 153.122.170.31

🇺🇸 2a04:c300:400::199

🇨🇳 221.218.252.162

🇯🇵 212.102.51.63

🇺🇦 194.42.205.100

🇮🇶 185.181.111.83

🇬🇧 167.99.90.69

🇺🇸 162.216.149.3

🇧🇷 143.0.188.113

🇺🇸 104.140.148.86

🇨🇳 58.58.130.22

🇺🇸 13.219.5.24

🇰🇪 217.199.144.86

🇺🇸 216.126.237.61

🇪🇹 196.190.220.199

🇩🇪 194.88.98.90

🇸🇬 188.166.251.103

🇨🇳 180.167.128.202

🇩🇪 85.28.47.237

🇭🇰 220.246.47.146