IP address 3.130.96.91 has been flagged in 992 abuse reports across 21 independent threat intelligence sources, resulting in a threat score of 100.0/100 (critical risk). The primary activity associated with this IP is aggregated threat, along with attacks, brute force, database attack, email abuse, malicious, malware c2, persistent attacker, proxy abuse, rdp bruteforce, repeated offender, scanning, severe abuse, spam, ssh brute force, ssh bruteforce, telnet bruteforce, unknown, voip attack, web attack, web brute force.
This IP is geolocated in United States (Columbus) and belongs to the network Amazon.com, Inc. (AS16509). Reports span from 2025-06-05 to 2026-02-04.
Assessment: With 992 abuse reports, 3.130.96.91 shows persistent malicious activity that has been flagged by multiple threat intelligence feeds. The IP has been observed conducting automated SSH login attempts against internet-facing servers, a technique commonly used to gain unauthorized access to systems. This IP belongs to Amazon.com, Inc., a major cloud/hosting provider — the malicious activity likely originates from a compromised or rented virtual server rather than the provider's own infrastructure.