JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.189.74.1

18.189.74.1 was found in our database!

This IP was reported 19,785 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	scan.visionheight.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.189.74.1

Whois 18.189.74.1

IP Abuse Reports for 18.189.74.1:

This IP address has been reported a total of 19,785 times from 273 distinct sources. 18.189.74.1 was first reported on February 3rd 2026, and the most recent report was 6 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-04 10:05:16 (6 hours ago)	tcp ports: 23,8180 (48 or more attempts)	Port Scan
🇩🇪 Admins@FBN	2026-06-04 10:05:04 (6 hours ago)	FW-PortScan: Traffic Blocked srcport=61234 dstport=23	Port Scan
🇦🇺 FEWA	2026-06-04 10:03:31 (6 hours ago)	Fail2Ban Ban Triggered	Hacking Brute-Force
🇫🇷 zulzeen	2026-06-04 10:00:37 (6 hours ago)	[distribamap-0] Blocked by SysWarden Firewall [BLOCK] (Telnet IoT Attack)	IoT Targeted Brute-Force
🇲🇿 delsio	2026-06-04 09:59:41 (6 hours ago)	AS37697 ntopng observed inbound attack; alert=Live Flow Malicious Fingerprint; source=18.189.74.1; d ... show more AS37697 ntopng observed inbound attack; alert=Live Flow Malicious Fingerprint; source=18.189.74.1; destination=169.255.133.210; destination_port=23; score=20; action=bgp_blackhole_and_flowspec_discard; block_duration=18000s; reason=high-confidence ntopng_blacklisted,alert_name alert=Live Flow Malicious Fingerprint dst=169.255.133.210 port=23 show less	Port Scan Hacking
🇦🇩 bakunin1848	2026-06-04 09:58:05 (6 hours ago)	Firewall IPS Detection on 04-06-2026 at 11:58:05	Port Scan Exploited Host
🇵🇱 genokrad	2026-06-04 09:57:18 (6 hours ago)	Unauthorized connection attempt on TCP/23 (Telnet)	Port Scan
🇺🇸 mutebot.net	2026-06-04 09:51:40 (7 hours ago)	SRC=18.189.74.1, PROTO=TCP, SPT=61234, DPT=23	Port Scan
🇨🇭 pingusurmars	2026-06-04 09:50:09 (7 hours ago)	Blocked by UFW on ampereone [23/tcp] Source port: 61234 TTL: 52 Packet length: 52 TOS: 0x00 This re ... show more Blocked by UFW on ampereone [23/tcp] Source port: 61234 TTL: 52 Packet length: 52 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan IoT Targeted Brute-Force
🇩🇪 london2038.com	2026-06-04 09:47:20 (7 hours ago)	Connection atttempts against closed TCP ports Jun 4 07:20:01 BLOCK SRC=18.189.74.1 LEN=52 TOS=0x00 ... show more Connection atttempts against closed TCP ports Jun 4 07:20:01 BLOCK SRC=18.189.74.1 LEN=52 TOS=0x00 PREC=0x00 TTL=59 ID=41021 PROTO=TCP SPT=61234 DPT=49153 WINDOW=65535 RES=0x00 SYN Jun 4 08:22:12 BLOCK SRC=18.189.74.1 LEN=52 TOS=0x00 PREC=0x00 TTL=59 ID=18456 PROTO=TCP SPT=61234 DPT=8091 WINDOW=65535 RES=0x00 SYN Jun 4 11:47:20 BLOCK SRC=18.189.74.1 LEN=52 TOS=0x00 PREC=0x00 TTL=59 ID=34233 PROTO=TCP SPT=61234 DPT=23 WINDOW=65535 RES=0x00 SYN show less	Port Scan
🇧🇾 sashan	2026-06-04 09:30:26 (7 hours ago)	2026-06-04T12:30:25.542667+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=18.189.74.1 ... show more 2026-06-04T12:30:25.542667+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=18.189.74.1 DST=xxx.xxx.xxx.xxx LEN=52 TOS=0x00 PREC=0x00 TTL=55 ID=7073 PROTO=TCP SPT=61234 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇳🇱 StopAbuse	2026-06-04 09:30:14 (7 hours ago)	tcp/23	Port Scan Exploited Host
🇱🇹 NotACaptcha	2026-06-04 09:27:23 (7 hours ago)	Unauthorised access (Jun 4 12:27) SRC=18.189.74.1 LEN=52 TTL=52 ID=58017 TCP DPT=23 WINDOW=65535 SY ... show more Unauthorised access (Jun 4 12:27) SRC=18.189.74.1 LEN=52 TTL=52 ID=58017 TCP DPT=23 WINDOW=65535 SYN Unauthorised access (Jun 3 03:27) SRC=18.189.74.1 LEN=52 TTL=52 ID=15698 TCP DPT=3306 WINDOW=65535 SYN Unauthorised access (Jun 2 18:20) SRC=18.189.74.1 LEN=52 TTL=52 ID=38107 TCP DPT=21 WINDOW=65535 SYN Unauthorised access (Jun 1 17:03) SRC=18.189.74.1 LEN=52 TTL=53 ID=57312 TCP DPT=1433 WINDOW=65535 SYN Unauthorised access (Jun 1 06:50) SRC=18.189.74.1 LEN=52 TTL=53 ID=42715 TCP DPT=5432 WINDOW=65535 SYN show less	Port Scan
🇫🇷 EDSL	2026-06-04 09:22:01 (7 hours ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Telnet IoT Attack)	Port Scan IoT Targeted Brute-Force
🇫🇷 aki	2026-06-04 09:21:40 (7 hours ago)	Drop: ...	Port Scan

Showing 46 to 60 of 19785 reports

‹
1
2
3
4
5
6
7
8
9
10
...
1318
1319
›

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 39.171.240.69

🇺🇸 20.65.138.21

🇸🇪 13.50.125.54

🇧🇷 2804:1450:fe13:ea00:7dd7:73a2:e40b:9976

🇧🇷 177.2.43.241

🇨🇳 111.53.147.80

🇺🇸 50.6.228.32

🇸🇬 47.84.197.66

🇩🇪 158.94.208.225

🇰🇷 112.121.9.170

🇭🇰 101.36.111.38

🇺🇸 52.200.93.170

🇨🇦 34.130.30.127

🇻🇳 14.225.173.146

🇨🇳 171.114.226.4

🇮🇹 113.30.151.23

🇮🇳 103.252.168.4

🇺🇸 64.62.156.123

🇳🇱 45.142.193.53

🇺🇸 35.245.149.91