JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.172.193.21

54.172.193.21 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-172-193-21.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.172.193.21

Whois 54.172.193.21

IP Abuse Reports for 54.172.193.21:

This IP address has been reported a total of 51 times from 42 distinct sources. 54.172.193.21 was first reported on May 28th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 rellim.com	2026-06-04 09:12:51 (4 hours ago)	Jun 4 02:12:48 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 4 02:12:48 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=54.172.193.21 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=105 ID=37338 DF PROTO=TCP SPT=19604 DPT=8443 WINDOW=62727 RES=0x00 SYN URGP=0 Jun 4 02:12:49 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=54.172.193.21 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=105 ID=37339 DF PROTO=TCP SPT=19604 DPT=8443 WINDOW=62727 RES=0x00 SYN URGP=0 Jun 4 02:12:51 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=54.172.193.21 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=105 ID=37340 DF PROTO=TCP SPT=19604 DPT=8443 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-06-04 08:17:15 (5 hours ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
Anonymous	2026-06-04 07:48:07 (6 hours ago)	Malicious activity detected	Port Scan Brute-Force Hacking
🇩🇪 dispaisyenterprises	2026-06-04 03:22:59 (10 hours ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 50050 [1] TCP Reported by D ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 50050 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇳🇱 BIV	2026-06-03 21:17:37 (16 hours ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 8443. Automated tiered ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 8443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 Choice Tech LLC	2026-06-03 19:10:04 (19 hours ago)	Blocked by OPNsense firewall; 3 hits, proto=tcp, ports=13443	Port Scan Hacking
Anonymous	2026-06-03 17:24:32 (20 hours ago)	2026-06-03T18:24:31.344057+01:00 vps kernel: [42247638.269957] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-03T18:24:31.344057+01:00 vps kernel: [42247638.269957] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=54.172.193.21 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=5614 DF PROTO=TCP SPT=45152 DPT=56001 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇫🇮 6kilowatti	2026-06-03 16:26:16 (21 hours ago)	2026-06-03T19:26:15.212604+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:fc:2 ... show more 2026-06-03T19:26:15.212604+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:fc:2d:5e:71:aa:73:08:00 SRC=54.172.193.21 DST=192.168.0.102 LEN=60 TOS=0x00 PREC=0x00 TTL=115 ID=16610 DF PROTO=TCP SPT=27832 DPT=56001 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-06-03 13:14:41 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 Andrew	2026-06-03 08:15:01 (1 day ago)	Blocked by UFW (TCP on port 1244). Source port: 21044 TTL: 115 Packet length: 60 TOS: 0x00 This rep ... show more Blocked by UFW (TCP on port 1244). Source port: 21044 TTL: 115 Packet length: 60 TOS: 0x00 This report (for 54.172.193.21) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 djboddington	2026-06-03 08:05:31 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/ssh-bf	SSH Brute-Force
🇬🇧 andypiper	2026-06-03 01:01:12 (1 day ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 LSPCCU	2026-06-03 00:14:33 (1 day ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Br ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: 54. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH
🇩🇪 marcel-knorr.de	2026-06-03 00:09:14 (1 day ago)	[MK-Root1] Blocked by UFW	Brute-Force Port Scan
Anonymous	2026-06-02 21:16:09 (1 day ago)	Drop from IP address 54.172.193.21 to tcp-port 3232	Port Scan

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.92.207

🇺🇸 209.85.219.104

🇨🇳 171.114.228.87

🇺🇸 88.216.73.18

🇫🇷 86.217.21.47

🇺🇸 64.94.156.236

🇩🇪 4.182.219.135

🇮🇳 2402:8100:282b:9c28:6952:e0ed:ada3:2de7

🇹🇳 196.203.13.67

🇸🇬 194.164.107.5

🇺🇿 188.113.236.158

🇷🇺 176.124.188.25

🇺🇸 162.243.147.237

🇮🇱 147.235.221.253

🇧🇩 103.187.124.1

🇮🇳 103.89.136.111

🇩🇪 47.65.243.68

🇧🇪 35.189.230.217

🇺🇸 216.25.89.146

🇩🇪 213.209.159.236