JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.221.201.211

18.221.201.211 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-221-201-211.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.221.201.211

Whois 18.221.201.211

IP Abuse Reports for 18.221.201.211:

This IP address has been reported a total of 20 times from 20 distinct sources. 18.221.201.211 was first reported on June 5th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 apa4h	2026-06-05 09:05:03 (20 hours ago)	banned by Fail2Ban postfix	Brute-Force
🇩🇪 JF Berne	2026-06-05 09:03:00 (20 hours ago)	SMTP AUTH	Brute-Force
🇳🇱 Sonar	2026-06-05 09:00:41 (20 hours ago)	Bad_host	Brute-Force
🇳🇱 NP Admin	2026-06-05 09:00:33 (20 hours ago)	Detections=4	Brute-Force
🇫🇷 Lacrimosa99	2026-06-05 09:00:32 (20 hours ago)	2026-06-05 10:56:46 SMTP protocol synchronization error (input sent without waiting for greeting): r ... show more 2026-06-05 10:56:46 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[18.221.201.211] input="\n" 2026-06-05 10:59:43 SMTP call from [18.221.201.211] dropped: too many syntax or protocol errors (last command was "?") 2026-06-05 11:00:32 SMTP call from [18.221.201.211] dropped: too many syntax or protocol errors (last command was "\023\003\023\001\023\002\001??{?\005?\005\001?????") ... show less	Spoofing Brute-Force
🇩🇪 Melle	2026-06-05 09:00:08 (20 hours ago)	Blocked by CrowdSec \| Scenario: crowdsecurity/postfix-non-smtp-command \| 18.221.201.211 triggered 1 ... show more Blocked by CrowdSec \| Scenario: crowdsecurity/postfix-non-smtp-command \| 18.221.201.211 triggered 1 events \| Detected: 2026-06-05T09:00:06.301858761Z show less	Email Spam
🇺🇸 bouvier.me	2026-06-05 08:59:21 (20 hours ago)	2026-06-05T04:56:33.385347sitens3 postfix/submission/smtpd[266852]: lost connection after CONNECT fr ... show more 2026-06-05T04:56:33.385347sitens3 postfix/submission/smtpd[266852]: lost connection after CONNECT from ec2-18-221-201-211.us-east-2.compute.amazonaws.com[18.221.201.211] 2026-06-05T04:56:48.072985sitens3 postfix/submission/smtpd[266852]: lost connection after CONNECT from ec2-18-221-201-211.us-east-2.compute.amazonaws.com[18.221.201.211] 2026-06-05T04:59:20.680003sitens3 postfix/submission/smtpd[266852]: lost connection after CONNECT from ec2-18-221-201-211.us-east-2.compute.amazonaws.com[18.221.201.211] ... show less	Web Spam Brute-Force Exploited Host
🇺🇸 oukat	2026-06-05 08:59:09 (20 hours ago)	POP3/IMAP/SMTP-submission authentication brute-force	Brute-Force
🇩🇪 Justin F. \| AS204464	2026-06-05 08:58:36 (20 hours ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 8585 GET / User-Agent: visionheight.com/scan Mozi ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 8585 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 8585 [2] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇺🇸 drewf.ink	2026-06-05 08:58:15 (20 hours ago)	[08:58] Port scanning. Port(s) scanned: TCP/587	Port Scan
🇦🇺 LiftUp Hosting	2026-06-05 08:57:58 (20 hours ago)	Honeypot hit: Unauthorized traffic (1 bytes of payload); 3001 [3] TCP	Port Scan
🇳🇿 TazzNZ	2026-06-05 08:57:53 (20 hours ago)	2026-06-05T20:55:48.387816+12:00 eragon sm-mta[2661557]: 6558tlIf2661557: rejecting commands from ec ... show more 2026-06-05T20:55:48.387816+12:00 eragon sm-mta[2661557]: 6558tlIf2661557: rejecting commands from ec2-18-221-201-211.us-east-2.compute.amazonaws.com [18.221.201.211] due to pre-greeting traffic after 0 seconds 2026-06-05T20:56:02.899497+12:00 eragon sm-mta[2661576]: 6558u2Na2661576: rejecting commands from ec2-18-221-201-211.us-east-2.compute.amazonaws.com [18.221.201.211] due to pre-greeting traffic after 0 seconds 2026-06-05T20:56:59.960320+12:00 eragon sm-mta[2661715]: 6558ux842661715: rejecting commands from ec2-18-221-201-211.us-east-2.compute.amazonaws.com [18.221.201.211] due to pre-greeting traffic after 0 seconds ... show less	Brute-Force SSH
🇯🇵 mkaraki	2026-06-05 08:57:47 (20 hours ago)	1780649866 # Service_probe # SIGNATURE_SEND # source_ip:18.221.201.211 # dst_port:3001 ...	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-05 08:56:59 (20 hours ago)	Honeypot hit: HTTP/1.1 request on 3001 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macinto ... show more Honeypot hit: HTTP/1.1 request on 3001 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 3001 [5] TCP show less	Web App Attack
🇩🇪 femboy.cat	2026-06-05 08:56:53 (20 hours ago)	Port scan to tcp/10001 from 18.221.201.211	Brute-Force

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇧🇷 186.26.89.90

🇸🇮 176.65.134.3

🇺🇸 162.216.149.120

🇺🇸 109.105.210.9

🇫🇷 91.231.89.74

🇷🇴 80.94.92.167

🇬🇧 35.203.211.32

🇵🇪 181.64.123.74

🇰🇷 112.184.56.199

🇨🇳 111.17.213.162

🇧🇩 103.179.198.19

🇮🇳 103.112.35.42

🇮🇩 103.65.237.216

🇷🇺 94.243.8.164

🇫🇷 91.231.89.234

🇨🇳 47.95.207.195

🇳🇱 45.148.10.147

🇨🇳 43.140.37.167

🇬🇧 35.203.210.210