JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.97.19.249

18.97.19.249 was found in our database!

This IP was reported 165 times. Confidence of Abuse is 68%: ?

68%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	scanner-18-97-19-249.reposify.net
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.97.19.249

Whois 18.97.19.249

IP Abuse Reports for 18.97.19.249:

This IP address has been reported a total of 165 times from 76 distinct sources. 18.97.19.249 was first reported on July 10th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Justin F. \| AS204464	2026-06-08 10:46:40 (5 hours ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 8060 GET / User-Agent: Mozilla/5.0 (Windows NT 6. ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 8060 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/59.0.3025.66 Safari/537.32 Accept: / Accept-Encoding: gzip, deflate; 8060 [7] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇩🇪 femboy.cat	2026-06-07 11:09:08 (1 day ago)	Port scan to tcp/8010 from 18.97.19.249	Brute-Force
🇦🇺 LiftUp Hosting	2026-06-06 12:33:58 (2 days ago)	Honeypot hit: SSH handshake/banner (24 bytes of payload); 1337 [5] TCP	SSH
Anonymous	2026-06-06 03:53:05 (2 days ago)	Reported from Nginx log analysis 17. Log: 18.97.19.249 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/ ... show more Reported from Nginx log analysis 17. Log: 18.97.19.249 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/54.0.3108.69 Safari/537.32" "-" "US United States Ashburn" "AS14618" "Amazon.com, Inc." show less	Port Scan Brute-Force SSH
🇫🇷 Thaliruth	2026-06-05 18:27:28 (2 days ago)	Jun 5 20:27:27 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth ... show more Jun 5 20:27:27 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=18.97.19.249, lip=46.252.194.151, session=<TL4W0IVTLoISYRP5> Jun 5 20:27:27 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=18.97.19.249, lip=46.252.194.151, session=<OmQf0IVTNIISYRP5> Jun 5 20:27:27 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=18.97.19.249, lip=46.252.194.151, session=<8NUi0IVTOIISYRP5> ... show less	Hacking Brute-Force
Anonymous	2026-05-27 03:52:08 (1 week ago)	Reported from Nginx log analysis 16. Log: 18.97.19.249 - - [27/May/2026:xx:xx:xx 0200] "GET / HTTP/ ... show more Reported from Nginx log analysis 16. Log: 18.97.19.249 - - [27/May/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/51.0.3106.83 Safari/537.32" "-" "US United States Ashburn" "AS14618" "Amazon.com, Inc." show less	Port Scan Brute-Force SSH
🇷🇺 genokrad	2026-05-26 11:09:37 (1 week ago)	Website scan TCP 80/443 "/" "Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML,"	Port Scan Web App Attack
🇩🇪 ghostwarriors	2026-05-26 04:20:21 (1 week ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-23 19:05:13 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 32400 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleW ... show more Honeypot hit: HTTP/1.1 request on 32400 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/55.0.3065.70 Safari/537.32 Accept: / Accept-Encoding: gzip, deflate; 32400 [7] TCP show less	Web App Attack
🇨🇳 ThreatBook.io	2026-05-11 23:26:32 (3 weeks ago)	ThreatBook Intelligence: Edu more details on http://threatbook.io/ip/18.97.19.249 2026-05-11 08:08:0 ... show more ThreatBook Intelligence: Edu more details on http://threatbook.io/ip/18.97.19.249 2026-05-11 08:08:08 / show less	Web App Attack
🇳🇱 i-turnradio.nl	2026-05-10 18:48:09 (4 weeks ago)	2026-05-10 20:48:09 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇩🇪 dispaisyenterprises	2026-05-09 13:27:39 (4 weeks ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 8020 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2; ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 8020 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/59.0.3072.83 Safari/537.32 Accept: / Accept-Encoding: gzip, deflate; 8020 [7] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-09 09:58:40 (4 weeks ago)	Honeypot hit: HTTP/1.1 request on 9091 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWe ... show more Honeypot hit: HTTP/1.1 request on 9091 GET / User-Agent: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/53.0.3041.52 Safari/537.32 Accept: / Accept-Encoding: gzip, deflate; 9091 [7] TCP show less	Web App Attack
🇦🇺 FEWA	2026-05-05 12:02:36 (1 month ago)	Fail2Ban Ban Triggered	Hacking Brute-Force
🇮🇹 yvoictra	2026-05-03 15:56:07 (1 month ago)	May 3 17:56:07 niove sshd[495412]: Invalid user from 18.97.19.249 port 50062 ...	Brute-Force SSH

Showing 1 to 15 of 165 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.76.143.203

🇫🇷 172.71.232.61

🇮🇹 151.60.73.23

🇻🇳 113.161.230.217

🇷🇺 80.69.186.68

🇩🇪 69.5.169.61

🇳🇱 64.89.162.78

🇺🇸 34.75.215.75

🇮🇳 2409:40d6:115d:4cbd:b5ee:7b1d:2a7a:e4c1

🇺🇸 216.132.133.26

🇺🇸 216.25.89.89

🇺🇸 205.210.31.66

🇰🇷 110.35.12.7

🇩🇪 69.5.169.6

🇺🇸 45.84.120.3

🇺🇸 205.210.31.76

🇬🇧 193.163.125.175

🇨🇳 180.212.94.107

🇧🇷 138.255.157.62

🇺🇸 107.173.182.172