JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.213.113.117

18.213.113.117 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-18-213-113-117.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.213.113.117

Whois 18.213.113.117

IP Abuse Reports for 18.213.113.117:

This IP address has been reported a total of 25 times from 20 distinct sources. 18.213.113.117 was first reported on June 17th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-19 03:13:14 (1 day ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: - 18.213.113.117 - - [17/Jun/2026:20:14:39 -0300] " ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: - 18.213.113.117 - - [17/Jun/2026:20:14:39 -0300] "GET /.git/HEAD HTTP/1.1" 404 18193 show less	Bad Web Bot
🇧🇷 SOC-BR	2026-06-18 07:23:24 (2 days ago)	Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-17 2 ... show more Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-17 20:01:51 - Source Port 37302 show less	Port Scan Hacking
🇷🇸 Scan	2026-06-18 00:45:34 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 LotPhantom	2026-06-17 23:59:19 (2 days ago)	2026-06-17T23:59:19.163798+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-06-17T23:59:19.163798+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=18.213.113.117 DST=157.230.217.55 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=26276 DF PROTO=TCP SPT=59418 DPT=2086 WINDOW=62727 RES=0x00 SYN URGP=0 2026-06-17T23:59:19.163874+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=18.213.113.117 DST=157.230.217.55 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=56208 DF PROTO=TCP SPT=34710 DPT=2082 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇧🇷 SOCBRAZIL	2026-06-17 23:34:24 (2 days ago)	IPS: Web Server Enforcement Violation.	Hacking
🇩🇪 HoneyPot-FrPri	2026-06-17 23:31:44 (2 days ago)	18.213.113.117 - - [18/Jun/2026:01:31:41 +0200] "GET /.git/HEAD HTTP/1.1" 404 187 "-" "Mozilla/5.0 ( ... show more 18.213.113.117 - - [18/Jun/2026:01:31:41 +0200] "GET /.git/HEAD HTTP/1.1" 404 187 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 18.213.113 ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 23:31:02 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 18.213.113.117 (ec2-18-213-113-117.compute-1.am ... show more (mod_security) mod_security (id:210492) triggered by 18.213.113.117 (ec2-18-213-113-117.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 19:30:56.975628 2026] [security2:error] [pid 25056:tid 25056] [client 18.213.113.117:38706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.104"] [uri "/.git/HEAD"] [unique_id "ajMuMJ3uEJAecsLINftBQQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-17 23:19:39 (2 days ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇧🇷 Peregrine	2026-06-17 23:14:43 (2 days ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: - 18.213.113.117 - - [17/Jun/2026:20:14:39 -0300] " ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: - 18.213.113.117 - - [17/Jun/2026:20:14:39 -0300] "GET /.git/HEAD HTTP/1.1" 404 18193 show less	Bad Web Bot
🇳🇱 Savvii	2026-06-17 22:56:52 (2 days ago)	15 attempts against mh-modsecurity-ban on cmdb	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 22:40:20 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 18.213.113.117 (ec2-18-213-113-117.compute-1.am ... show more (mod_security) mod_security (id:210492) triggered by 18.213.113.117 (ec2-18-213-113-117.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 18:40:16.393135 2026] [security2:error] [pid 10889:tid 10979] [client 18.213.113.117:60390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.24"] [uri "/.git/HEAD"] [unique_id "ajMiUNAdI9rm-Ag0fPk1jgAAAgg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mykola Spesivtsev	2026-06-17 22:23:51 (2 days ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/.git/HEAD, Method:GET, UA:Mozilla/5.0 (Macint ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/.git/HEAD, Method:GET, UA:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0. show less	Port Scan Web App Attack Bad Web Bot
🇩🇪 ghostwarriors	2026-06-17 22:20:25 (2 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Rip	2026-06-17 22:18:31 (2 days ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
🇮🇩 Burayot	2026-06-17 22:07:45 (2 days ago)	LF_APACHE_403: 18.213.113.117 (US/United States/ec2-18-213-113-117.compute-1.amazonaws.com), more th ... show more LF_APACHE_403: 18.213.113.117 (US/United States/ec2-18-213-113-117.compute-1.amazonaws.com), more than 10 Apache 403 hits in the last 3600 secs show less	Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 170.106.15.3

🇯🇵 195.172.211.205

🇺🇸 184.105.247.251

🇧🇴 181.188.148.74

🇦🇷 181.0.214.136

🇩🇪 139.59.208.49

🇨🇳 114.237.144.215

🇮🇩 103.83.179.2

🇭🇰 103.20.223.56

🇬🇧 89.37.172.158

🇭🇷 82.23.211.87

🇺🇦 79.143.45.75

🇧🇬 78.83.249.54

🇫🇷 51.83.10.173

🇳🇱 217.60.195.160

🇵🇱 194.180.49.56

🇺🇸 193.34.74.56

🇺🇸 185.221.22.182

🇩🇪 167.233.22.224

🇳🇱 160.119.76.62