JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.218.223.56

18.218.223.56 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 22%: ?

22%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-218-223-56.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.218.223.56

Whois 18.218.223.56

IP Abuse Reports for 18.218.223.56:

This IP address has been reported a total of 5 times from 4 distinct sources. 18.218.223.56 was first reported on May 25th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-26 21:59:38 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-25. show less	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-05-25 08:38:55 (2 weeks ago)	2.389 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-25 04:54:52 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.218.223.56 (ec2-18-218-223-56.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 18.218.223.56 (ec2-18-218-223-56.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 00:54:47.145406 2026] [security2:error] [pid 22795:tid 22795] [client 18.218.223.56:37988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blockadefoundationrepair.com"] [uri "/.git/config"] [unique_id "ahPWFw01Rms1XDDhWWfvhQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 controleert.nl	2026-05-25 04:54:27 (2 weeks ago)	18.218.223.56 - - [25/May/2026:06:54:12 +0200] "GET /mailer/.env HTTP/1.1" 404 12292 "-" "Mozilla/5. ... show more 18.218.223.56 - - [25/May/2026:06:54:12 +0200] "GET /mailer/.env HTTP/1.1" 404 12292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" 18.218.223.56 - - [25/May/2026:06:54:13 +0200] "GET /mail/.env HTTP/1.1" 404 12291 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" 18.218.223.56 - - [25/May/2026:06:54:14 +0200] "GET /mailing/.env HTTP/1.1" 404 12294 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" 18.218.223.56 - - [25/May/2026:06:54:25 +0200] "GET /mailgun/.env HTTP/1.1" 404 12293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" 18.218.223.56 - - [25/May/2026:06:54:26 +0200] "GET /mailjet/.env HTTP/1.1" 404 12292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 02:03:28 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 18.218.223.56 (ec2-18-218-223-56.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 18.218.223.56 (ec2-18-218-223-56.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 22:03:20.809566 2026] [security2:error] [pid 18725:tid 18725] [client 18.218.223.56:59420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blindshine.com"] [uri "/.git/config"] [unique_id "ahOt6Hi-r5HVN4Pj5sFv3gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇺🇸 207.180.29.33

🇭🇰 199.45.155.66

🇮🇳 182.95.113.74

🇨🇭 179.43.163.26

🇧🇷 177.106.57.120

🇺🇸 35.245.189.45

🇧🇪 35.233.95.42

🇺🇸 34.162.235.126

🇮🇩 34.101.164.108

🇺🇸 20.168.7.136

🇩🇪 13.140.137.11

🇺🇸 216.180.246.225

🇺🇸 205.210.31.70

🇮🇩 182.8.183.118

🇬🇧 138.68.163.72

🇿🇦 129.232.165.250

🇨🇳 101.200.52.133

🇨🇿 89.203.142.96

🇫🇷 82.102.18.116