JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.97.19.148

18.97.19.148 was found in our database!

This IP was reported 171 times. Confidence of Abuse is 70%: ?

70%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	scanner-18-97-19-148.reposify.net
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.97.19.148

Whois 18.97.19.148

IP Abuse Reports for 18.97.19.148:

This IP address has been reported a total of 171 times from 80 distinct sources. 18.97.19.148 was first reported on July 11th 2025, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-12 22:12:22 (21 hours ago)	Honeypot hit: HTTP/1.1 request on 8200 GET / User-Agent: elasticsearch-py/7.13.4 (Python 3.10.12) A ... show more Honeypot hit: HTTP/1.1 request on 8200 GET / User-Agent: elasticsearch-py/7.13.4 (Python 3.10.12) Accept-Encoding: identity; 8200 [8] TCP show less	Web App Attack
🇭🇰 sandra361	2026-06-12 16:04:21 (1 day ago)	Port scan detected: 13 attempts across 1 ports (587). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=18.97.1 ... show more Port scan detected: 13 attempts across 1 ports (587). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=18.97.19.148 LEN=60 TOS=0x14 PREC=0x00 TTL=54 ID=25439 DF PROTO=TCP SPT=39466 DPT=587 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇦🇺 LiftUp Hosting	2026-06-12 11:28:00 (1 day ago)	Honeypot hit: HTTP/1.1 request on 8015 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWe ... show more Honeypot hit: HTTP/1.1 request on 8015 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/54.0.3085.90 Safari/537.32 Accept: / Accept-Encoding: gzip, deflate; 8015 [7] TCP show less	Hacking Bad Web Bot
Anonymous	2026-06-07 07:11:36 (6 days ago)	Illegitimate and/or suspicious requests.	Hacking
🇳🇴 tmiland	2026-06-06 10:57:29 (1 week ago)	Suricata Detected 6 attacks from 18.97.19.148.; GPL DNS named version attempt; IP: 18.97.19.148; Por ... show more Suricata Detected 6 attacks from 18.97.19.148.; GPL DNS named version attempt; IP: 18.97.19.148; Ports: 56658; Direction: to_server; Trigger: DNS; Category: Attempted Information Leak; Severity: 2 show less	Brute-Force
Anonymous	2026-06-06 09:53:09 (1 week ago)	Reported from Nginx log analysis 17. Log: 18.97.19.148 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/ ... show more Reported from Nginx log analysis 17. Log: 18.97.19.148 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/53.0.3019.105 Safari/537.32" "-" "US United States Ashburn" "AS14618" "Amazon.com, Inc." show less	Port Scan Brute-Force SSH
🇳🇱 stom	2026-05-22 10:27:16 (3 weeks ago)	2026-05-22T10:27:13.881851 socky.stom66.co.uk proftpd[156474]: session[156474] 5.79.80.26 (18.97.19. ... show more 2026-05-22T10:27:13.881851 socky.stom66.co.uk proftpd[156474]: session[156474] 5.79.80.26 (18.97.19.148[18.97.19.148]): USER anonymous: no such user found from 18.97.19.148 [18.97.19.148] to ::ffff:5.79.80.26:21 ... show less	Brute-Force FTP Brute-Force
🇯🇵 mkaraki	2026-05-22 03:35:50 (3 weeks ago)	1779420948 # Service_probe # SIGNATURE_SEND # source_ip:18.97.19.148 # dst_port:9201 ...	Port Scan
🇫🇷 Thaliruth	2026-05-20 19:14:26 (3 weeks ago)	May 20 21:14:25 151 postfix/smtpd[2315023]: disconnect from scanner-18-97-19-148.reposify.net[18.97. ... show more May 20 21:14:25 151 postfix/smtpd[2315023]: disconnect from scanner-18-97-19-148.reposify.net[18.97.19.148] ehlo=1 auth=0/1 commands=1/2 ... show less	Hacking Brute-Force
🇺🇸 drewf.ink	2026-05-20 17:26:35 (3 weeks ago)	[17:26] Port scanning. Port(s) scanned: TCP/6697	Port Scan
🇹🇷 pamircil	2026-05-18 19:00:24 (3 weeks ago)	🍯 WinnieThePooh Honeypot : GET request to '/' on (http/80)💀	SSH Brute-Force Hacking
🇷🇴 gtheo99	2026-05-18 02:21:48 (3 weeks ago)	(CT) IP 18.97.19.148 (US/United States/scanner-18-97-19-148.reposify.net) found to have 284 connecti ... show more (CT) IP 18.97.19.148 (US/United States/scanner-18-97-19-148.reposify.net) found to have 284 connections show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-17 10:05:09 (3 weeks ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 8008 GET / User-Agent: Mozilla/5.0 (Windows NT 6. ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 8008 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/59.0.3067.63 Safari/537.32 Accept: / Accept-Encoding: gzip, deflate; 8008 [7] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇩🇪 femboy.cat	2026-05-14 10:07:11 (4 weeks ago)	Port scan to tcp/26 from 18.97.19.148	Brute-Force
🇺🇸 LSPCCU	2026-05-07 00:37:44 (1 month ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Br ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: This attacker IP (18. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH

Showing 1 to 15 of 171 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇪 94.200.95.18

🇪🇸 46.35.117.110

🇩🇪 45.135.141.17

🇺🇸 20.172.240.136

🇮🇷 5.232.102.176

🇰🇷 210.222.46.15

🇩🇪 79.215.44.35

🇩🇪 34.32.85.41

🇺🇸 20.118.32.47

🇨🇳 14.103.104.36

🇺🇸 216.25.89.89

🇸🇬 104.248.158.72

🇬🇧 35.203.210.234

🇯🇵 210.156.0.132

🇫🇷 173.249.10.85

🇨🇳 116.167.200.102

🇹🇼 114.34.130.221

🇻🇳 103.186.101.231

🇭🇰 43.154.195.142

🇺🇸 34.63.255.223