AbuseIPDB » 18.97.9.173

18.97.9.173 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 61%: ?

61%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	18-97-9-173.crawl.commoncrawl.org
Domain Name	amazon.com
Country	United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 18.97.9.173

Whois 18.97.9.173

IP Abuse Reports for 18.97.9.173:

This IP address has been reported a total of 97 times from 41 distinct sources. 18.97.9.173 was first reported on November 30th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
NotCool	2025-06-13 22:13:30 (9 hours ago)	(CRAWLDELAY) Generic Bot Crawl-delay Violation 18.97.9.173 (US/United States/18-97-9-173.crawl.commo ... show more(CRAWLDELAY) Generic Bot Crawl-delay Violation 18.97.9.173 (US/United States/18-97-9-173.crawl.commoncrawl.org): 10 in the last 3600 secs show less	Bad Web Bot
conseilgouz	2025-06-10 15:05:22 (3 days ago)	coe-88 : Bloc AI bots=>/robots.txt	Hacking
2000cn.com.au	2025-06-10 15:02:07 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Bad Web Bot Web App Attack
MAGIC	2025-06-10 12:08:28 (3 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
masterguru	2025-06-10 10:20:20 (3 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "ccbot" at REQUEST_HEADERS:User-Agent. (1100000-122)	Bad Web Bot
Site.eu	2025-05-25 11:47:06 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
Mendip_Defender	2025-05-24 08:39:11 (2 weeks ago)	18.97.9.173 - - [24/May/2025:09:39:07 +0100] "GET / HTTP/1.0" 301 812 "-" "CCBot/2.0 (https://common ... show more18.97.9.173 - - [24/May/2025:09:39:07 +0100] "GET / HTTP/1.0" 301 812 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" ... show less	Bad Web Bot
MAGIC	2025-05-23 21:04:38 (3 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
conseilgouz	2025-05-19 13:47:38 (3 weeks ago)	ece-88 : Bloc AI bots=>/robots.txt	Hacking
antlac1	2025-05-19 00:53:49 (3 weeks ago)	crowdsecurity/http-bad-user-agent	Brute-Force Web App Attack
Anonymous	2025-05-17 11:13:06 (3 weeks ago)	2025-05-17T13:13:05.621267+02:00 firewall[1655347]: HIGH: #2102479: User-Agent is in the Bot Access ... show more2025-05-17T13:13:05.621267+02:00 firewall[1655347]: HIGH: #2102479: User-Agent is in the Bot Access Control blacklist from 18.97.9.173 on www show less	Web App Attack
MAGIC	2025-05-16 20:02:00 (4 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
technash	2025-05-16 14:57:00 (4 weeks ago)	Web scraping activity detected from this IP 5.15.2025 [Azure Network Watcher].	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-05-16 06:53:43 (4 weeks ago)	(mod_security) mod_security (id:217291) triggered by 18.97.9.173 (18-97-9-173.crawl.commoncrawl.org) ... show more(mod_security) mod_security (id:217291) triggered by 18.97.9.173 (18-97-9-173.crawl.commoncrawl.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 16 02:53:39.660065 2025] [security2:error] [pid 1741705:tid 1741705] [client 18.97.9.173:50730] [client 18.97.9.173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n\|\\\\r)" at ARGS_NAMES:\\nfromwhere. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)\|\|killeramps.com\|F\|2"] [data "Matched Data: \\x0a found within ARGS_NAMES:\\x5cnfromwhere: \\x0afromwhere"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "killeramps.com"] [uri "/g12contact.php"] [unique_id "aCbg855lCcXb68oupRmz9AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
FeG Deutschland	2025-05-13 02:40:23 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack

Showing 1 to 15 of 97 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

118.70.78.220

146.174.185.239

175.12.108.55

59.12.160.91

95.55.155.142

185.216.116.71

196.251.88.103

185.93.89.77

113.128.66.123

81.156.255.128

121.29.178.78

162.241.203.27

120.48.116.57

31.203.157.126

103.193.176.112

5.189.188.40

114.9.50.10

47.245.118.83

156.249.129.112

59.91.169.129