JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.232.52.91

18.232.52.91 was found in our database!

This IP was reported 3 times. Confidence of Abuse is 16%: ?

16%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-18-232-52-91.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.232.52.91

Whois 18.232.52.91

IP Abuse Reports for 18.232.52.91:

This IP address has been reported a total of 3 times from 2 distinct sources. 18.232.52.91 was first reported on June 20th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-20 22:01:40 (16 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-19. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-20 05:08:41 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 18.232.52.91 (ec2-18-232-52-91.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.232.52.91 (ec2-18-232-52-91.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:08:33.821529 2026] [security2:error] [pid 24310:tid 24310] [client 18.232.52.91:33728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.deanfountain.com"] [uri "/.git/HEAD"] [unique_id "ajYgUWYiqE0Qyfp7M4qP-QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 03:30:01 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 18.232.52.91 (ec2-18-232-52-91.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.232.52.91 (ec2-18-232-52-91.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 23:29:55.661605 2026] [security2:error] [pid 11077:tid 11077] [client 18.232.52.91:52472] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.godcanuseyou.com"] [uri "/.git/config"] [unique_id "ajYJMw-LsuwKBHIYpDbTLAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 3 of 3 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 3.112.204.246

🇵🇱 212.127.91.32

🇦🇺 193.114.134.130

🇩🇪 172.253.1.208

🇩🇪 167.94.145.16

🇹🇭 118.194.250.232

🇺🇸 109.105.209.17

🇺🇸 104.198.74.90

🇮🇳 103.197.112.46

🇺🇸 52.20.198.190

🇺🇸 50.84.211.204

🇨🇳 43.248.0.177

🇺🇸 20.12.185.213

🇺🇸 3.91.249.148

🇺🇸 2604:a880:400:d1:0:4:9e7c:b001

🇲🇽 189.147.19.238

🇮🇩 157.20.189.179

🇺🇸 139.180.224.207

🇨🇳 120.48.102.177

🇨🇳 118.196.68.35