JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.209.31.144

18.209.31.144 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 14%: ?

14%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-18-209-31-144.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.209.31.144

Whois 18.209.31.144

IP Abuse Reports for 18.209.31.144:

This IP address has been reported a total of 4 times from 2 distinct sources. 18.209.31.144 was first reported on June 22nd 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-23 22:02:17 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-22. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-22 22:06:12 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 18.209.31.144 (ec2-18-209-31-144.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 18.209.31.144 (ec2-18-209-31-144.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:06:09.119013 2026] [security2:error] [pid 17940:tid 17940] [client 18.209.31.144:46280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "statevictoryfund.progressivefileshare.org"] [uri "/.git/HEAD"] [unique_id "ajmx0b7a7fjlqMvdUG_SvQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-22 22:01:04 (6 days ago)	Auto-ban: >3000 req/min op 2026-06-22	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-22 15:02:32 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 18.209.31.144 (ec2-18-209-31-144.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 18.209.31.144 (ec2-18-209-31-144.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 11:02:27.246653 2026] [security2:error] [pid 5125:tid 5125] [client 18.209.31.144:56090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mountararattrek.com"] [uri "/.git/HEAD"] [unique_id "ajlOgzP_Ei6Jj46E0ZmH6gAAADM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 216.98.213.197

🇩🇪 209.38.243.115

🇧🇷 200.223.200.26

🇻🇪 167.249.32.224

🇺🇸 159.223.98.144

🇧🇷 152.244.203.249

🇺🇸 143.198.150.150

🇮🇳 139.59.86.13

🇭🇰 46.247.61.43

🇺🇸 40.121.179.100

🇮🇪 34.241.13.89

🇭🇰 34.150.87.243

🇧🇷 34.95.223.23

🇧🇷 20.197.238.124

🇨🇳 14.103.184.200

🇷🇴 2.57.121.25

🇮🇩 2001:448a:5130:afb1:4d8e:c948:357b:7531

🇨🇳 218.200.9.182

🇻🇪 200.8.9.168

🇿🇼 196.27.114.137