JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.18.220.10

3.18.220.10 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 37%: ?

37%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-18-220-10.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.18.220.10

Whois 3.18.220.10

IP Abuse Reports for 3.18.220.10:

This IP address has been reported a total of 7 times from 5 distinct sources. 3.18.220.10 was first reported on June 18th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BIV	2026-06-19 00:46:56 (1 day ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2083. Automated tiered ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2083. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-18 22:17:46 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 3.18.220.10 (ec2-3-18-220-10.us-east-2.compute. ... show more (mod_security) mod_security (id:210492) triggered by 3.18.220.10 (ec2-3-18-220-10.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:17:41.332066 2026] [security2:error] [pid 21448:tid 21448] [client 3.18.220.10:40840] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.111"] [uri "/.env.backup"] [unique_id "ajRuhVbfXsDPdhN05nCgjQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-18 21:28:21 (1 day ago)	tcp/80	Port Scan
🇺🇸 kuj	2026-06-18 21:07:54 (1 day ago)	2026-06-18T15:07:38.667750-06:00 derp derper[226735]: 2026/06/18 15:07:38 http: TLS handshake error ... show more 2026-06-18T15:07:38.667750-06:00 derp derper[226735]: 2026/06/18 15:07:38 http: TLS handshake error from 3.18.220.10:52974: acme/autocert: missing server name 2026-06-18T15:07:49.610759-06:00 derp derper[226735]: 2026/06/18 15:07:49 http: TLS handshake error from 3.18.220.10:34510: acme/autocert: missing server name 2026-06-18T15:07:54.178032-06:00 derp derper[226735]: 2026/06/18 15:07:54 http: TLS handshake error from 3.18.220.10:51536: acme/autocert: missing server name ... show less	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-18 18:18:32 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 3.18.220.10 (ec2-3-18-220-10.us-east-2.compute. ... show more (mod_security) mod_security (id:210492) triggered by 3.18.220.10 (ec2-3-18-220-10.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:18:26.484313 2026] [security2:error] [pid 29190:tid 29190] [client 3.18.220.10:35396] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.48"] [uri "/.git/HEAD"] [unique_id "ajQ2cj8vWVkgLtUviD4DEwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-18 11:08:31 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-http-sensitive-files.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 08:35:28 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 3.18.220.10 (ec2-3-18-220-10.us-east-2.compute. ... show more (mod_security) mod_security (id:210492) triggered by 3.18.220.10 (ec2-3-18-220-10.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:35:23.285123 2026] [security2:error] [pid 28795:tid 28795] [client 3.18.220.10:45588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.174"] [uri "/.htpasswd"] [unique_id "ajOtywlVj13pLaexW63AUgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.198

🇸🇬 173.239.196.170

🇫🇷 143.14.66.48

🇨🇳 120.48.123.76

🇩🇪 69.5.169.124

🇺🇸 66.132.186.242

🇨🇳 58.83.234.85

🇭🇰 43.132.227.251

🇺🇸 13.218.60.183

🇳🇬 197.210.55.187

🇺🇸 147.185.132.191

🇺🇸 135.119.47.58

🇮🇩 124.158.150.55

🇨🇳 111.26.115.124

🇫🇮 94.183.234.128

🇨🇦 67.71.55.209

🇨🇳 223.159.80.91

🇳🇱 185.93.89.73

🇩🇪 165.232.117.238

🇨🇳 112.29.110.90