JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.206.189.73

18.206.189.73 was found in our database!

This IP was reported 345 times. Confidence of Abuse is 38%: ?

38%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-18-206-189-73.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.206.189.73

Whois 18.206.189.73

IP Abuse Reports for 18.206.189.73:

This IP address has been reported a total of 345 times from 70 distinct sources. 18.206.189.73 was first reported on May 28th 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 paulshipley.com.au	2026-06-10 22:37:33 (5 days ago)	[Thu Jun 11 08:37:33.074360 2026] [security2:error] [pid 418355] [client 18.206.189.73:56524] [clien ... show more [Thu Jun 11 08:37:33.074360 2026] [security2:error] [pid 418355] [client 18.206.189.73:56524] [client 18.206.189.73] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "furst.com.au"] [uri "/.git/HEAD"] [unique_id "ainnLY4jEgISIImmzKWevgAAAAA"], referer: http://furst.com.au/.git/HEAD ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 17:01:55 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 18.206.189.73 (ec2-18-206-189-73.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 18.206.189.73 (ec2-18-206-189-73.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 13:01:49.740766 2026] [security2:error] [pid 7256:tid 7286] [client 18.206.189.73:44788] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seracon.com.ec"] [uri "/.git/HEAD"] [unique_id "aiRSfZH7LUojXq-dzJnf3wAAAYA"], referer: https://sucuri.net show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 08:05:33 (1 week ago)	Blocked: Reason='Suspicious traffic score=70 (review-based detection)'; Requests=20	Hacking
🇪🇸 el-brujo	2026-05-31 06:50:29 (2 weeks ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko Action: block Source: firewallManaged ASN Description: Amazon.com, Inc. Country: US Method: GET Timestamp: 2026-05-31T06:50:29Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-05-28 06:29:28 (2 weeks ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko Action: block Source: firewallManaged ASN Description: Amazon.com, Inc. Country: US Method: GET Timestamp: 2026-05-28T06:29:28Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-05-27 22:58:56 (2 weeks ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko Action: block Source: firewallManaged ASN Description: Amazon.com, Inc. Country: US Method: GET Timestamp: 2026-05-27T22:58:56Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 AetherFox	2026-05-26 04:43:24 (3 weeks ago)	AetherFox VoidGuard detected: [Tue May 26 04:43:23.760860 2026] [authz_core:error] [pid 1729328:tid ... show more AetherFox VoidGuard detected: [Tue May 26 04:43:23.760860 2026] [authz_core:error] [pid 1729328:tid 1729365] [client 18.206.189.73:44270] AH01630: client denied by server configuration: proxy:http://[MASKED]/404testpage4525d2fdc, referer: https://sucuri.net [Tue May 26 04:43:23.760900 2026] [authz_core:error] [pid 1729329:tid 1729362] [client 18.206.189.73:44262] AH01630: client denied by server configuration: proxy:http://[MASKED]/.git/HEAD, referer: https://sucuri.net [Tue May 26 04:43:23.760977 2026] [authz_core:error] [pid 1729328:tid 1729365] [client 18.206.189.73:44270] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: https://sucuri.net [Tue May 26 04:43:23.761053 2026] [authz_core:error] [pid 1729329:tid 1729362] [client 18.206.189.73:44262] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: https://sucuri.net [Tue May 26 04:43:23.761767 2026] [authz_core:error] [pid 172 ... show less	Bad Web Bot Web App Attack
🇪🇸 librebit	2026-05-25 03:28:43 (3 weeks ago)	Brute force	Brute-Force
🇺🇸 avgsmoe	2026-05-17 01:14:18 (4 weeks ago)	REPEAT offender. Observed 140 times.	Port Scan Brute-Force
🇪🇸 el-brujo	2026-05-11 03:48:26 (1 month ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko Action: block Source: firewallManaged ASN Description: Amazon.com, Inc. Country: US Method: GET Timestamp: 2026-05-11T03:48:26Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-05-09 01:30:04 (1 month ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko Action: block Source: firewallManaged ASN Description: Amazon.com, Inc. Country: US Method: GET Timestamp: 2026-05-09T01:30:04Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇫🇷 ingroscart.it	2026-05-05 00:04:36 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 18.206.189.73 (US/United States/ec2-18- ... show more (mod_security) mod_security triggered on hostname [redacted] 18.206.189.73 (US/United States/ec2-18-206-189-73.compute-1.amazonaws.com) show less	SQL Injection
🇫🇷 ingroscart.it	2026-05-01 00:04:38 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 18.206.189.73 (US/United States/ec2-18- ... show more (mod_security) mod_security triggered on hostname [redacted] 18.206.189.73 (US/United States/ec2-18-206-189-73.compute-1.amazonaws.com) show less	SQL Injection
🇫🇷 ingroscart.it	2026-04-29 00:04:26 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 18.206.189.73 (US/United States/ec2-18- ... show more (mod_security) mod_security triggered on hostname [redacted] 18.206.189.73 (US/United States/ec2-18-206-189-73.compute-1.amazonaws.com) show less	SQL Injection
🇪🇸 librebit	2026-04-27 02:05:17 (1 month ago)	Brute force	Brute-Force

Showing 1 to 15 of 345 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.106.80.22

🇧🇷 177.71.25.223

🇨🇳 115.191.64.182

🇧🇿 45.227.254.154

🇺🇿 213.230.127.104

🇩🇪 213.209.159.175

🇦🇱 188.93.112.20

🇺🇸 147.185.132.148

🇸🇬 140.245.58.29

🇹🇼 118.194.252.168

🇰🇷 114.108.165.18

🇧🇾 93.84.97.4

🇧🇬 79.124.40.82

🇩🇪 69.5.169.254

🇮🇳 49.207.244.154

🇷🇴 2.57.121.112

🇦🇪 2.50.175.79

🇺🇸 216.180.246.112

🇹🇼 198.235.24.90

🇷🇴 141.98.83.240