AbuseIPDB » 52.91.195.196
52.91.195.196 was found in our database!
This IP was reported 14 times. Confidence of Abuse is 83%: ?
| ISP | Amazon Technologies Inc. |
|---|---|
| Usage Type | Data Center/Web Hosting/Transit |
| ASN | AS14618 |
| Hostname(s) |
ec2-52-91-195-196.compute-1.amazonaws.com |
| Domain Name | amazon.com |
| Country | πΊπΈ United States of America |
| City | Ashburn, Virginia |
IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.
IP Abuse Reports for 52.91.195.196:
This IP address has been reported a total of 14 times from 13 distinct sources. 52.91.195.196 was first reported on , and the most recent report was .
Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.
| Reporter | IoA Timestamp (UTC) | Comment | Categories | |
|---|---|---|---|---|
| π©πͺ ISPLtd |
|
Port Scan | ||
| π©πͺ Thomas Barth |
|
Brute-Force SSH | ||
| πΊπΈ Choice Tech LLC |
Blocked by OPNsense firewall; 3 hits, proto=tcp, ports=9200
|
Port Scan Hacking | ||
| π§π· somosbr |
[2026-07-02T18:08:07Z] Unsolicited scan from 52.91.195.196 to port 3232/tcp
|
Port Scan | ||
| Anonymous |
PROTO=TCP DPT=1244
|
Port Scan Hacking | ||
| πΊπΈ MPL |
tcp/31337 (56 or more attempts)
|
Port Scan | ||
| πΊπΈ MPL |
tcp/31337 (140 or more attempts)
|
Port Scan | ||
| πΊπΈ cwytech |
Fleet-wide ban from the Ghostfleet π». Triggered by scenario: cwy/pf-geofence-high.
|
Hacking | ||
| πΊπΈ RAP |
2026-07-02 12:06:37 UTC Unauthorized activity to TCP port 9200.
|
Port Scan | ||
| π¨π¦ polycoda |
AutoBlock: π‘ Port Scan (Non Decay-Based)
|
Port Scan | ||
| πΊπΈ Cyber Crusader |
Hundreds of Attempts (at least) to Connect to and Access Firewall Ports
|
Port Scan Hacking Brute-Force | ||
| π¨πΏ Countryman |
repeated unauthorized connection attempts, host sweep, port scan
|
Port Scan | ||
| π©πͺ iNetWorker |
trying to access non-authorized port
|
Port Scan | ||
| π²π³ Public CSIRT/CC of Mongolia |
Honeypot hit: Unauthorized traffic (243 bytes of payload); 3232 [1] TCP
|
Port Scan |
Showing 1 to 14 of 14 reports
Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown π©