LookupEnrich Feeds CVEs Payloads Campaigns AEI Index MCP Blog Docs

iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.

Filtered actors

query: asn:14618

1.4K unique IPs · 8.4K events · 1 countries · 1 ASNs

Activity · last 30d

peak 882 on 2026-05-20

Top source networks · click to refine

AS14618 Amazon.com, Inc.100.0%

query: asn:14618×window: 30d

Turn this query into a daily email digest or an IOC feed URL.Save as feed

Sample payloads

top distinct probes matching this query

Protocol	Port	Probe / payload	Hits	Example
HTTP	1024	GET / UA: Mozilla/5.0 (Windows NT 6.2;en-US) AppleWebKit/537.32.36 (KHTML, live Gecko) Chrome/55.0.3006.59 Safari/537.32	3.5K · 1.2K IPs	98.80.4.73 →
RDP	3390	)$�Cookie: mstshash=NCRACK_USER	660	3.89.69.160 →
HTTP	8443/HTTPS-alt	GET /favicon.ico UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	382 · 216 IPs	44.201.77.114 →
HTTP	443/HTTPS	GET /.env UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	375 · 8 IPs	54.90.66.49 →
HTTP	8443/HTTPS-alt	GET /robots.txt UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	364 · 210 IPs	13.218.88.108 →
-	7001/WebLogic	P	250 · 118 IPs	44.220.185.78 →
-	443/HTTPS	�%��LR_ݪ�'*Ω�-	100 · 8 IPs	13.219.193.6 →
HTTP	443/HTTPS	GET /.env.local UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	77 · 2 IPs	54.90.66.49 →
HTTP	443/HTTPS	GET /.env.bak UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36	77 · 2 IPs	54.90.66.49 →
HTTP	18081	GET /config.json UA: Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	76	35.153.183.17 →
HTTP	3003	GET /.bash_history UA: Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36	76	3.81.150.10 →
HTTP	18080	GET /config.js UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0	76	35.153.183.17 →

IPCountryASNTop portsEvents

3.89.69.160ec2-3-89-69-160.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.3393 3391 3396 3392 3390664

35.153.183.17ec2-35-153-183-17.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.3000/Web-alt 18081 3003 3001 18080456

54.90.66.49ec2-54-90-66-49.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.443/HTTPS276

3.81.150.10ec2-3-81-150-10.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.3000/Web-alt 18081 3003 3002 3001152

54.173.125.217ec2-54-173-125-217.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.5001 3000/Web-alt 18081 4444 1808076

54.221.87.16ec2-54-221-87-16.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.8081 8000/HTTP-alt 80/HTTP 8001 7777/Oracle76

184.72.77.224ec2-184-72-77-224.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.4001 6666 3333 18080 811837

18.97.26.19scanner-18-97-26-19.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.30005 10002 2376/Docker 9200/Elastic 1044328

18.97.19.141scanner-18-97-19-141.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.19888 6666 8880 8083 1878927

54.196.175.8ec2-54-196-175-8.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.4001 18081 3002 18080 300127

98.80.4.40scanner-98-80-4-40.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.50997 7001/WebLogic 2222/SSH26

44.220.188.223scanner-44-220-188-223.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.50030 5223 1878925

18.97.26.69scanner-18-97-26-69.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.135/MSRPC 9191 7001/WebLogic 2086 10000/Webmin25

44.220.185.33scanner-44-220-185-33.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5001 11211/Memcached 50065 502 66624

98.80.4.73scanner-98-80-4-73.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.135/MSRPC 5001 8443/HTTPS-alt 102424

3.213.226.45ec2-3-213-226-45.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.443/HTTPS22

44.220.185.195scanner-44-220-185-195.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5601/Kibana 8883 24442 322 66622

44.220.188.130scanner-44-220-188-130.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.8090 4444 1044322

18.97.5.60scanner-18-97-5-60.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.9091 7443 51007 2376/Docker 717021

44.220.185.113scanner-44-220-185-113.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5601/Kibana 50996 445/SMB 5357 808521

13.219.193.6ec2-13-219-193-6.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.443/HTTPS21

18.97.26.96scanner-18-97-26-96.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.502 873/Rsync21

98.80.4.4scanner-98-80-4-4.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5672 443/HTTPS 7001/WebLogic21

18.97.26.41scanner-18-97-26-41.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.443/HTTPS 8022 8181 207720

18.97.19.167scanner-18-97-19-167.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5901 2078 8081 4433 2801720

44.220.185.23scanner-44-220-185-23.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.27017/MongoDB 4000 1443 6667/IRC 50220

3.227.192.235ec2-3-227-192-235.compute-1.amazonaws.com 🇺🇸US AS14618 Amazon.com, Inc.443/HTTPS20

44.220.188.178scanner-44-220-188-178.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.30002 8008/HTTP-alt 12345 10554 1044320

44.220.185.238scanner-44-220-185-238.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.30002 8000/HTTP-alt 3389/RDP 8022 50219

18.97.26.7scanner-18-97-26-7.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5223 541 10554 8088/Hadoop19

44.220.185.78scanner-44-220-185-78.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.1521/Oracle 10002 2096 7001/WebLogic 300119

18.97.26.27scanner-18-97-26-27.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.50035 1200 2002 1878918

18.97.26.35scanner-18-97-26-35.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.81 19888 6000/X11 10443 986518

44.220.188.67scanner-44-220-188-67.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.50035 7548 2086 52703 3240018

18.97.26.93scanner-18-97-26-93.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.9091 8086/InfluxDB 18789 2222/SSH18

44.220.185.47scanner-44-220-185-47.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.4443 40000 2082 5005 987017

18.97.19.247scanner-18-97-19-247.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.19200 5000/Web-alt 2077 717017

44.220.185.82scanner-44-220-185-82.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.4443 4000 9200/Elastic 88817

98.80.4.125scanner-98-80-4-125.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.4443 9090/Prometheus 50035 1194/OpenVPN 25/SMTP16

18.97.5.8scanner-18-97-5-8.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.4443 50475 5061/SIPS 50995 207916

44.220.185.234scanner-44-220-185-234.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.443/HTTPS 986916

44.220.185.122scanner-44-220-185-122.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.8800 47001 465/SMTPS 50216

44.220.188.27scanner-44-220-188-27.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5901 5000/Web-alt 6002 6001 209516

18.97.19.139scanner-18-97-19-139.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.2376/Docker 744315

44.220.185.222scanner-44-220-185-222.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.8042 8883 7001/WebLogic15

44.220.185.254scanner-44-220-185-254.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.587/SMTP 5000/Web-alt 179/BGP15

44.220.185.164scanner-44-220-185-164.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.30003 137/NetBIOS 179/BGP 8443/HTTPS-alt15

44.220.185.76scanner-44-220-185-76.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.19200 541 1044315

44.220.188.152scanner-44-220-188-152.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.5601/Kibana 137/NetBIOS 465/SMTPS15

44.220.185.190scanner-44-220-185-190.reposify.net 🇺🇸US AS14618 Amazon.com, Inc.4000 5000/Web-alt 8060 50030 208015

Showing top 50 by event count. Window is the last 30d. Add or remove filters by clicking any value on a per-IP report.