JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.91.3.90

54.91.3.90 was found in our database!

This IP was reported 114 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-91-3-90.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.91.3.90

Whois 54.91.3.90

IP Abuse Reports for 54.91.3.90:

This IP address has been reported a total of 114 times from 84 distinct sources. 54.91.3.90 was first reported on May 28th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Threat.live	2026-06-10 09:15:03 (3 days ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 donarev419	2026-06-10 05:08:14 (3 days ago)	Connection to port 9200 with data transfer. Data preview:	Port Scan Hacking
🇺🇸 bulkvm.com	2026-06-10 02:36:35 (3 days ago)	[bulkvm.com/honeypot] SSH connection. Port: 38414, client: SSH-2.0-Go, Time: 2026-06-10 02:36:26 UTC	Brute-Force SSH
🇫🇷 Elysium Security	2026-06-09 22:40:24 (4 days ago)	Mass port scanning on a whole network	Port Scan
🇫🇮 6kilowatti	2026-06-09 20:34:32 (4 days ago)	2026-06-09T23:34:31.400828+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-09T23:34:31.400828+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=54.91.3.90 DST=83.148.240.21 LEN=60 TOS=0x00 PREC=0x00 TTL=115 ID=35554 DF PROTO=TCP SPT=43798 DPT=8443 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 ISPLtd	2026-06-09 20:11:54 (4 days ago)	Jun 9 17:11:50 54.91.3.90 TCP SPT=61490 DPT=7547 SYN Jun 9 17:11:51 54.91.3.90 TCP SPT=61490 DPT=7 ... show more Jun 9 17:11:50 54.91.3.90 TCP SPT=61490 DPT=7547 SYN Jun 9 17:11:51 54.91.3.90 TCP SPT=61490 DPT=7547 SYN Jun 9 17:11:53 54.91.3.90 TCP SPT=61490 DPT=7547 ... show less	Port Scan
Anonymous	2026-06-09 17:24:04 (4 days ago)	2026-06-09T18:24:02.922315+01:00 vps kernel: [42766004.184424] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-09T18:24:02.922315+01:00 vps kernel: [42766004.184424] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=54.91.3.90 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=112 ID=29534 DF PROTO=TCP SPT=30552 DPT=50050 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇩🇪 cloudmax	2026-06-09 08:19:25 (4 days ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
🇬🇧 Andrew	2026-06-09 08:09:56 (4 days ago)	Blocked by UFW (TCP on port 8443). Source port: 12514 TTL: 115 Packet length: 60 TOS: 0x00 This rep ... show more Blocked by UFW (TCP on port 8443). Source port: 12514 TTL: 115 Packet length: 60 TOS: 0x00 This report (for 54.91.3.90) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 bescared	2026-06-09 04:16:26 (4 days ago)	F2B - Malicious activity detected. Excessive port scans. -151302cd-	Port Scan
Anonymous	2026-06-09 03:51:54 (4 days ago)	Portscan: TCP/1245 (37x)	Port Scan
🇩🇪 dispaisyenterprises	2026-06-09 03:36:33 (4 days ago)	Honeypot [fra-de-honeypot]: Unauthorized connection attempt detected on 22/SSH • Client: SSH-2.0-Go ... show more Honeypot [fra-de-honeypot]: Unauthorized connection attempt detected on 22/SSH • Client: SSH-2.0-Go Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	SSH Port Scan
🇨🇭 pingusurmars	2026-06-09 03:34:29 (4 days ago)	Blocked by UFW on amperetwo [11443/tcp] Source port: 52416 TTL: 118 Packet length: 60 TOS: 0x00 Thi ... show more Blocked by UFW on amperetwo [11443/tcp] Source port: 52416 TTL: 118 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇺 Telemetry2U.com	2026-06-09 03:22:54 (4 days ago)	Unauthorized connection attempt to port 8080	Hacking
🇦🇺 LiftUp Hosting	2026-06-08 22:45:56 (5 days ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 3232 [1] TCP	Port Scan

Showing 1 to 15 of 114 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 181.41.206.203

🇷🇺 178.178.194.135

🇮🇳 103.15.253.250

🇷🇴 80.94.95.211

🇺🇸 66.132.172.145

🇯🇵 34.97.100.149

🇨🇳 14.103.127.234

🇧🇷 205.210.31.135

🇩🇿 193.194.91.218

🇲🇽 189.203.190.153

🇧🇷 177.174.16.55

🇺🇸 104.21.83.228

🇩🇪 64.89.163.89

🇩🇪 43.228.157.62

🇯🇵 8.209.222.129

🇺🇸 216.25.89.144

🇧🇷 205.210.31.161

🇳🇱 172.235.181.226

🇪🇸 172.110.221.82

🇺🇸 104.206.156.155