JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.118.200.52

18.118.200.52 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-118-200-52.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.118.200.52

Whois 18.118.200.52

IP Abuse Reports for 18.118.200.52:

This IP address has been reported a total of 43 times from 39 distinct sources. 18.118.200.52 was first reported on May 14th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NetGuard	2026-06-04 19:44:22 (1 week ago)	#honeypot #netguard247 #dionaea #networkexploit Captured by NetGuard 24/7 T-Pot honeypot (netguard24 ... show more #honeypot #netguard247 #dionaea #networkexploit Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-05-28T19:38:06.885+00:00 Attacker IP: 18.118.200.52 \| Port: 1723 \| Country: United States Honeypot: dionaea \| Attack: network_exploit Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Hacking SQL Injection Web App Attack
🇨🇦 Luhte	2026-05-31 19:42:32 (1 week ago)	Unsolicited TCP connection from 18.118.200.52 to port 0 at 2026-05-31T19:42:32Z. Source IP completed ... show more Unsolicited TCP connection from 18.118.200.52 to port 0 at 2026-05-31T19:42:32Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇩🇪 excill	2026-05-29 03:08:19 (2 weeks ago)	Honeypot mesh observed 870 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇩🇪 EnthecSolutions	2026-05-28 22:01:20 (2 weeks ago)	Detected by Enthec Solutions. \| Attempts: 53 in 24h \| Target port: 22227	Port Scan Hacking
🇹🇷 0xi	2026-05-28 21:00:28 (2 weeks ago)	SIP/VoIP scanning and toll fraud attempt detected (224 attempts). Targeted ports: 22227, 1962, 8020, ... show more SIP/VoIP scanning and toll fraud attempt detected (224 attempts). Targeted ports: 22227, 1962, 8020, 5060, 1723. Triggered sensors: P0f, Suricata, Honeytrap, Dionaea. Observed via distributed honeypot network. show less	Port Scan Hacking
🇺🇸 LSPCCU	2026-05-28 20:58:35 (2 weeks ago)	TSEC Honeypot Network report. Threat score: 65/100. Categories: Port Scan, Hacking, Brute-Force, Web ... show more TSEC Honeypot Network report. Threat score: 65/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH, IoT Targeted. Honeypot: ssh-telnet, cowrie. Context: IP observed in Suricata network metadata. show less	Port Scan Hacking Brute-Force Web App Attack SSH IoT Targeted
🇺🇸 knock	2026-05-28 20:11:17 (2 weeks ago)	Knock-Knock honeypot brute-force: proto8 (3 total hits)	Brute-Force
Anonymous	2026-05-28 20:10:13 (2 weeks ago)	Fail2Ban Log Report 18.118.200.52 - [28/May/2026:22:10:10 +0200] "\x16\x03\x01\x00{\x01\x00\x00w\x03 ... show more Fail2Ban Log Report 18.118.200.52 - [28/May/2026:22:10:10 +0200] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x86K\xC9\xE1\|\xDA~\xACH0\xA0\xF9\x0B\x9Ae\xD1\x1B\xA8\xA7\xD424\xC2n\xC6\x14\x93P\xB7\xD2LS\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 403 146 "-" "-" "-" "-" ... show less	Port Scan Hacking
🇯🇵 pixelboost.kr	2026-05-28 20:09:56 (2 weeks ago)	18.118.200.52 - - [29/May/2026:05:05:07 +0900] "" 400 0 "-" "-" 18.118.200.52 - - [29/May/2026:05:09 ... show more 18.118.200.52 - - [29/May/2026:05:05:07 +0900] "" 400 0 "-" "-" 18.118.200.52 - - [29/May/2026:05:09:55 +0900] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03u\x16\xD78bzL\xC6\x0CUj\x13q\x9E\xC4\x1A\x15\xC6\xCB\xEDxA\xBCz\xF1\x93\x13%\x02\xE9\xFD\xBD\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 400 150 "-" "-" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-05-28 20:07:41 (2 weeks ago)	...	Bad Web Bot
🇳🇱 genokrad	2026-05-28 20:06:20 (2 weeks ago)	Direct ip access to website TCP 80/443 [visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X ... show more Direct ip access to website TCP 80/443 [visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_]. show less	Port Scan Web App Attack
🇩🇪 london2038.com	2026-05-28 20:05:00 (2 weeks ago)	Malformed or malicious web request 18.118.200.52 - - [28/May/2026:22:04:56 +0200] "" 400 0 "-" "-"	Hacking Web App Attack
🇺🇸 Bankbook8585	2026-05-28 20:04:57 (2 weeks ago)	T-Pot honeypot \| Dionaea honeypot: pptpd	Port Scan Hacking
🇹🇷 0xi	2026-05-28 20:00:38 (2 weeks ago)	SIP/VoIP scanning and toll fraud attempt detected (59 attempts). Targeted ports: 1723, 5060. Trigger ... show more SIP/VoIP scanning and toll fraud attempt detected (59 attempts). Targeted ports: 1723, 5060. Triggered sensors: P0f, Suricata, Dionaea. Observed via distributed honeypot network. show less	Port Scan Hacking
Anonymous	2026-05-28 19:53:59 (2 weeks ago)	Malicious Probing/Bad Request	Bad Web Bot

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.133

🇬🇧 185.166.42.143

🇨🇳 183.141.186.175

🇩🇪 167.71.48.103

🇫🇮 147.185.133.110

🇺🇸 136.109.72.168

🇭🇰 101.36.122.139

🇧🇾 86.57.206.207

🇷🇺 83.239.108.218

🇺🇸 67.199.225.116

🇸🇬 43.134.42.6

🇬🇧 35.203.211.104

🇱🇰 220.247.224.226

🇳🇱 195.178.110.30

🇫🇷 185.255.126.57

🇰🇷 112.175.29.94

🇸🇬 104.223.37.89

🇩🇪 77.0.57.166

🇹🇼 60.250.246.239

🇮🇩 36.95.221.140