JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.221.185.131

54.221.185.131 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 64%: ?

64%

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-221-185-131.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.221.185.131

Whois 54.221.185.131

IP Abuse Reports for 54.221.185.131:

This IP address has been reported a total of 11 times from 10 distinct sources. 54.221.185.131 was first reported on June 28th 2026, and the most recent report was 8 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-06-29 22:57:58 (8 minutes ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 11443 [1] TCP	Port Scan
🇺🇸 conrad10781	2026-06-29 22:15:46 (50 minutes ago)	nginx-direct-ip	Port Scan
🇳🇱 Yachiyo Runami	2026-06-29 21:50:03 (1 hour ago)	Port Scan on Honeypot \| Ports: 21/FTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 116 \| Len: 60B \| Win: ... show more Port Scan on Honeypot \| Ports: 21/FTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 116 \| Len: 60B \| Win: 62727(1) \| rDNS: ec2-54-221-185-131.compute-1.amazonaws.com \| F2B/ufw-honeypot@2026-06-29T21:50:03Z show less	Port Scan Hacking
🇺🇸 Choice Tech LLC	2026-06-29 19:10:02 (3 hours ago)	Blocked by OPNsense firewall; 6 hits, proto=tcp, ports=12443,8443	Port Scan Hacking
🇺🇸 MPL	2026-06-29 18:58:06 (4 hours ago)	tcp/9200 (3 or more attempts)	Port Scan
🇧🇷 somosbr	2026-06-29 16:28:43 (6 hours ago)	[2026-06-29T16:28:43Z] Unsolicited scan from 54.221.185.131 to port 3232/tcp	Port Scan
🇸🇬 drewf.ink	2026-06-29 10:26:51 (12 hours ago)	[10:26] Port scanning. Port(s) scanned: TCP/8443	Port Scan
🇺🇸 cwytech	2026-06-29 07:22:24 (15 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
🇺🇸 xxkodedxx	2026-06-29 03:48:35 (19 hours ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10m window. Origin: US / AS14618 Amazon.com, Inc. Active: 03:47:44 UTC Volume: 1 HTTP req Probed: / Status mix: 444×1 Vhost fishing: 67.217.240.72 UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-28 23:21:39 (23 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/pf-geofence-high.	Hacking
🇺🇸 cybsecaoccol	2026-06-28 22:12:42 (1 day ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 178.255.72.35

🇸🇬 107.150.112.233

🇿🇦 105.184.120.130

🇺🇸 104.248.218.184

🇷🇴 80.94.95.211

🇸🇳 41.82.50.218

🇰🇷 211.46.188.16

🇸🇬 103.189.235.176

🇺🇸 98.80.4.99

🇰🇿 37.150.87.223

🇬🇧 35.203.210.191

🇸🇬 35.187.231.181

🇸🇪 20.240.51.74

🇮🇪 20.13.164.162

🇨🇳 223.88.77.26

🇮🇳 143.110.241.64

🇨🇳 111.32.153.180

🇫🇷 91.231.89.84

🇸🇬 68.183.178.130

🇺🇸 66.132.172.103