JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.61.252.63

18.61.252.63 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services India
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-61-252-63.ap-south-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇳 India
City	Hyderabad, Telangana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.61.252.63

Whois 18.61.252.63

IP Abuse Reports for 18.61.252.63:

This IP address has been reported a total of 74 times from 41 distinct sources. 18.61.252.63 was first reported on April 24th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-15 07:15:13 (1 hour ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-15 06:06:08 (2 hours ago)	Bot / scanning and/or hacking attempts: GET /wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.gpexlogi ... show more Bot / scanning and/or hacking attempts: GET /wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.gpexlogisti, GET /?rest_route=/wp/v2/users HTTP/1.1, GET /author-sitemap.xml HTTP/1.1, GET /feed/ HTTP/1.1, GET /wp-sitemap-users-1.xml HTTP/1.1, GET /?author=3 HTTP/1.1, GET /wp-json/wp/v2/posts?_embed&per_page=5 HTTP/1.1, GET /?author=2 HTTP/1.1, GET /wp-json/wc/v3/products HTTP/1.1, POST /xmlrpc.php HTTP/1.1, GET /?author=8 HTTP/1.1, GET /wp-json/wcfm/v1/store-vendors HTTP/1.1, GET /?author=1 HTTP/1.1, GET /?author=4 HTTP/1.1, GET /?author=5 HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 nyt	2026-06-15 04:40:48 (3 hours ago)	Brute-Force, Web App Attack, suspicious: Login brute-force (8/60s)	Brute-Force Web App Attack
🇩🇪 neogenius	2026-06-15 00:06:06 (8 hours ago)	Web App Attack	Web App Attack Brute-Force
Anonymous	2026-06-14 21:06:41 (11 hours ago)	Fail2Ban WordPress login brute-force detected	Brute-Force Web App Attack
🇬🇧 blik2108	2026-06-14 12:08:24 (20 hours ago)	blog.blacknellsatsea.co.uk:443 18.61.252.63 - - [14/Jun/2026:13:08:23 +0100] "POST /wp-login.php HTT ... show more blog.blacknellsatsea.co.uk:443 18.61.252.63 - - [14/Jun/2026:13:08:23 +0100] "POST /wp-login.php HTTP/1.1" 200 7176 "https://blog.blacknellsatsea.co.uk/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" blog.blacknellsatsea.co.uk:443 18.61.252.63 - - [14/Jun/2026:13:08:23 +0100] "POST /wp-login.php HTTP/1.1" 200 7175 "https://blog.blacknellsatsea.co.uk/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" blog.blacknellsatsea.co.uk:443 18.61.252.63 - - [14/Jun/2026:13:08:23 +0100] "POST /wp-login.php HTTP/1.1" 200 7177 "https://blog.blacknellsatsea.co.uk/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" blog.blacknellsatsea.co.uk:443 18.61.252.63 - - [14/Jun/2026:13:08:23 +0100] "POST /wp-login.php HTTP/1.1" 200 7176 "https://blog.blacknellsatsea.co ... show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-14 10:02:06 (22 hours ago)	WordPress: User enumeration. Pattern match "(author\\\\= (88030-193)	Hacking
🇩🇪 poseidon00	2026-06-14 09:54:21 (22 hours ago)	18.61.252.63 - - [14/Jun/2026:09:54:20 +0000] "POST /wp-login.php HTTP/1.1" 200 6567 "https://www.ch ... show more 18.61.252.63 - - [14/Jun/2026:09:54:20 +0000] "POST /wp-login.php HTTP/1.1" 200 6567 "https://www.check4cyber.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 18.61.252.63 - - [14/Jun/2026:09:54:20 +0000] "POST /wp-login.php HTTP/1.1" 200 6549 "https://www.check4cyber.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 18.61.252.63 - - [14/Jun/2026:09:54:20 +0000] "POST /wp-login.php HTTP/1.1" 200 6576 "https://www.check4cyber.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 18.61.252.63 - - [14/Jun/2026:09:54:20 +0000] "POST /wp-login.php HTTP/1.1" 200 6548 "https://www.check4cyber.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 18.61.252.63 - - [14/Jun/2026:09:54: ... show less	Brute-Force Web App Attack
🇫🇷 solution.it	2026-06-14 02:37:41 (1 day ago)	[Sun Jun 14 04:37:41.140770 2026] [php7:error] [pid 3542327:tid 3542327] [client 18.61.252.63:49436] ... show more [Sun Jun 14 04:37:41.140770 2026] [php7:error] [pid 3542327:tid 3542327] [client 18.61.252.63:49436] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat, referer: https://www.solution.it/wp-login.php show less	Web App Attack
🇫🇷 dynamix	2026-06-13 23:48:08 (1 day ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-13 22:33:22 (1 day ago)	18.61.252.63 - - [14/Jun/2026:00:33:19 +0200] "POST /wp-login.php HTTP/1.1" 200 130359 "https://www. ... show more 18.61.252.63 - - [14/Jun/2026:00:33:19 +0200] "POST /wp-login.php HTTP/1.1" 200 130359 "https://www.pentagontvzambia.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 18.61.252.63 - - [14/Jun/2026:00:33:20 +0200] "POST /wp-login.php HTTP/1.1" 200 129882 "https://www.pentagontvzambia.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 18.61.252.63 - - [14/Jun/2026:00:33:21 +0200] "POST /wp-login.php HTTP/1.1" 200 129890 "https://www.pentagontvzambia.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 18.61.252.63 - - [14/Jun/2026:00:33:21 +0200] "POST /wp-login.php HTTP/1.1" 200 130359 "https://www.pentagontvzambia.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0 ... show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-13 21:45:07 (1 day ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-13 20:53:26 (1 day ago)	Fail2Ban WordPress login brute-force detected	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-13 17:25:49 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 abdubhai	2026-06-11 09:41:15 (3 days ago)	18.61.252.63 - - [11/Jun/2026:14 ...	Brute-Force

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a05:d01c:8c7:6800:fa1f:3402:8e79:96c6

🇺🇸 209.85.210.179

🇮🇳 182.72.102.106

🇫🇮 157.22.45.58

🇨🇳 122.7.54.155

🇨🇳 120.48.150.20

🇩🇪 91.58.149.158

🇫🇮 87.121.89.116

🇫🇷 85.217.140.25

🇬🇧 82.36.32.24

🇳🇱 81.19.216.94

🇻🇳 42.96.17.249

🇺🇸 34.162.40.213

🇱🇹 81.30.98.49

🇷🇴 80.94.92.187

🇮🇪 54.171.91.176

🇺🇸 52.22.87.224

🇦🇷 45.238.106.166

🇳🇱 45.148.10.141

🇧🇷 43.164.193.198