AbuseIPDB » 18.217.104.52

18.217.104.52 was found in our database!

This IP was reported 111 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-217-104-52.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 18.217.104.52

Whois 18.217.104.52

IP Abuse Reports for 18.217.104.52:

This IP address has been reported a total of 111 times from 71 distinct sources. 18.217.104.52 was first reported on May 26th 2024, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Sipo Chutão	2025-02-11 01:00:01 (1 day ago)	\x16\x03\x01 400"	Hacking
Sipo Chutão	2025-02-01 01:00:01 (1 week ago)	Web Attack	Hacking
rshict	2025-01-28 10:14:39 (2 weeks ago)	Hacking, Brute-Force, Web App Attack	Hacking Brute-Force Web App Attack
Anonymous	2025-01-15 11:08:01 (3 weeks ago)	[14/Jan/2025:12:47:05 -0500] \"GET / HTTP/1.0\" Blank UA [14/Jan/2025:13:13:01 -0500] \"\x16\x ... show more[14/Jan/2025:12:47:05 -0500] \"GET / HTTP/1.0\" Blank UA [14/Jan/2025:13:13:01 -0500] \"\x16\x03\x01\" Blank UA [14/Jan/2025:13:13:38 -0500] \"GET / HTTP/1.1\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36\" show less	Hacking
svejk	2025-01-15 08:13:00 (3 weeks ago)	[15/Jan/2025:00:47:07 +1030] "GET / HTTP/1.1" 400 650 "-"	Phishing Port Scan
Anonymous	2025-01-14 22:50:14 (4 weeks ago)	Reported from Nginx log analysis 4. Log: 18.217.104.52 - - [14/Jan/2025:xx:xx:xx 0100] "GET / HTTP/ ... show moreReported from Nginx log analysis 4. Log: 18.217.104.52 - - [14/Jan/2025:xx:xx:xx 0100] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36" "-" "US United States Columbus" "AS16509" "AMAZON-02" show less	Port Scan Brute-Force SSH
drewf.ink	2025-01-14 19:16:41 (4 weeks ago)	[19:16] Port scanning. Port(s) scanned: TCP/2083	Port Scan
Prepaid-Host.com	2025-01-14 19:16:02 (4 weeks ago)	Malicious activity detected by Prepaid-Host Honeypot (Honeytrap). (Port: 38850)	Brute-Force SSH
Anymous	2025-01-14 19:10:14 (4 weeks ago)	GET / HTTP/1.0 400 1285 "-" "-"	Port Scan Web App Attack
kumiko	2025-01-14 18:52:56 (4 weeks ago)	[2025-01-14 18:52:56] Probing for exploits [1 requests] "\x16\x03\x01" 301	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-14 18:44:01 (4 weeks ago)	\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xB7\x9C\xA9 GET / HTTP/1.1 \x16\x03\x01\x00{\x01\ ... show more\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xB7\x9C\xA9 GET / HTTP/1.1 \x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x13z\x07\x0 show less	Bad Web Bot Web App Attack
archiv-pm	2025-01-14 18:43:19 (4 weeks ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
flaus	2025-01-14 18:33:33 (4 weeks ago)	$f2bV_matches	Hacking Bad Web Bot Web App Attack
Anonymous	2025-01-14 18:25:59 (4 weeks ago)	Fail2Ban Log Report 18.217.104.52 - [14/Jan/2025:19:25:53 +0100] "\x16\x03\x01\x00{\x01\x00\x00w\x03 ... show moreFail2Ban Log Report 18.217.104.52 - [14/Jan/2025:19:25:53 +0100] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03<\xD9'\xFB\xA3\x96L\x184l;7\x987\xDC\xB4\x01R\x9Dk\x89\xB1\x8FvC\xA4\x80\x86\xDB\x96wN\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 403 146 "-" "-" "-" "-" ... show less	Hacking SQL Injection Web App Attack
LRNP	2025-01-14 18:25:54 (4 weeks ago)	_:80 18.217.104.52 - - [14/Jan/2025:18:25:54 +0000] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03M)\x9A\x9 ... show more_:80 18.217.104.52 - - [14/Jan/2025:18:25:54 +0000] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03M)\x9A\x9DM4\x824\x14\x8D\x94[#\x92\x179a\xC0\xAA=g\xE9%\x0F\xEC7\xB2\x9D\xA9\xA2\xFDe\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 400 150 "-" "-" ... show less	Bad Web Bot Web App Attack