JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.91.148.57

3.91.148.57 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-3-91-148-57.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.91.148.57

Whois 3.91.148.57

IP Abuse Reports for 3.91.148.57:

This IP address has been reported a total of 74 times from 55 distinct sources. 3.91.148.57 was first reported on May 28th 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Admins@FBN	2026-06-04 08:12:20 (11 hours ago)	FW-PortScan: Traffic Blocked srcport=28726 dstport=8080	Port Scan
🇺🇸 ISPLtd	2026-06-04 02:50:32 (16 hours ago)	Jun 3 20:50:28 3.91.148.57 TCP SPT=28156 DPT=10443 SYN Jun 3 20:50:29 3.91.148.57 TCP SPT=28156 DP ... show more Jun 3 20:50:28 3.91.148.57 TCP SPT=28156 DPT=10443 SYN Jun 3 20:50:29 3.91.148.57 TCP SPT=28156 DPT=10443 SYN Jun 3 20:50:31 3.91.148.57 TCP SPT=28156 DPT=10443 ... show less	Port Scan
🇯🇵 mkaraki	2026-06-03 22:44:38 (21 hours ago)	1780526677 # Service_probe # SIGNATURE_SEND # source_ip:3.91.148.57 # dst_port:3389 ...	Port Scan
🇩🇪 _ArminS_	2026-06-03 21:41:14 (22 hours ago)	SP-Scan 50530:31337 detected 2026.06.03 23:41:14 blocked until 2026.07.23 16:44:01	Port Scan
Anonymous	2026-06-03 21:26:36 (22 hours ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇩🇪 ITSNF	2026-06-03 21:05:05 (22 hours ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=9200	Port Scan Hacking
🇬🇧 ISPLtd	2026-06-03 20:09:32 (23 hours ago)	Jun 3 17:09:29 3.91.148.57 TCP SPT=52376 DPT=8080 SYN Jun 3 17:09:30 3.91.148.57 TCP SPT=52376 DPT ... show more Jun 3 17:09:29 3.91.148.57 TCP SPT=52376 DPT=8080 SYN Jun 3 17:09:30 3.91.148.57 TCP SPT=52376 DPT=8080 SYN Jun 3 17:09:32 3.91.148.57 TCP SPT=52376 DPT=8080 ... show less	Port Scan
🇵🇱 sefinek.net	2026-06-03 20:02:16 (23 hours ago)	Honeypot hit: HTTP/1.1 request on 1245 GET / User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) ... show more Honeypot hit: HTTP/1.1 request on 1245 GET / User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 1245 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇩🇪 Thomas Barth	2026-06-03 19:47:36 (1 day ago)	2026-06-03T21:47:35.806322+02:00 server sshd-session[17734]: Connection closed by 3.91.148.57 port 1 ... show more 2026-06-03T21:47:35.806322+02:00 server sshd-session[17734]: Connection closed by 3.91.148.57 port 18446 [preauth] ... show less	Brute-Force SSH
🇺🇸 drewf.ink	2026-06-03 17:00:32 (1 day ago)	[17:00] Port scanning. Port(s) scanned: TCP/8443	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-03 12:34:48 (1 day ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 1244 GET / User-Agent: Mozilla/5.0 (Windows NT 10 ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 1244 GET / User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 1244 [1] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇺🇸 ISPLtd	2026-06-03 12:28:07 (1 day ago)	Jun 3 09:27:50 3.91.148.57 TCP SPT=28244 DPT=1244 SYN Jun 3 09:27:51 3.91.148.57 TCP SPT=28244 DPT ... show more Jun 3 09:27:50 3.91.148.57 TCP SPT=28244 DPT=1244 SYN Jun 3 09:27:51 3.91.148.57 TCP SPT=28244 DPT=1244 SYN Jun 3 09:27:53 3.91.148.57 TCP SPT=28244 DPT=1244 SYN ... show less	Port Scan
🇦🇺 foobax	2026-06-03 02:51:32 (1 day ago)	closed the connection from port 45100	SSH Port Scan
🇬🇧 andypiper	2026-06-03 01:01:21 (1 day ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 LSPCCU	2026-06-03 00:14:12 (1 day ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Br ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: 3. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.169.48.182

🇺🇦 195.191.168.153

🇵🇰 175.107.233.34

🇳🇱 160.119.71.12

🇫🇮 147.185.133.5

🇺🇸 104.131.68.134

🇳🇱 81.19.216.98

🇺🇸 18.191.90.98

🇺🇸 162.216.149.221

🇨🇳 117.158.166.73

🇮🇩 103.171.85.192

🇱🇹 81.30.98.142

🇮🇳 34.180.24.105

🇨🇳 220.197.78.29

🇨🇳 220.154.140.199

🇺🇸 165.154.172.200

🇮🇳 117.247.87.253

🇸🇦 82.197.58.135

🇺🇸 50.6.169.131

🇩🇪 2a01:4f8:221:29c8::1