JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.139.95.210

3.139.95.210 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-139-95-210.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.139.95.210

Whois 3.139.95.210

IP Abuse Reports for 3.139.95.210:

This IP address has been reported a total of 27 times from 22 distinct sources. 3.139.95.210 was first reported on June 18th 2026, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Inartis	2026-06-18 18:48:31 (4 minutes ago)	3.139.95.210 - - [18/Jun/2026:20:48:22 +0200] "GET /.git/config HTTP/1.1" 404 4042 "-" "Mozilla/5.0 ... show more 3.139.95.210 - - [18/Jun/2026:20:48:22 +0200] "GET /.git/config HTTP/1.1" 404 4042 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 3.139.95.210 - - [18/Jun/2026:20:48:29 +0200] "GET /.env HTTP/1.1" 404 4042 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 3.139.95.210 - - [18/Jun/2026:20:48:30 +0200] "GET /.env.local HTTP/1.1" 404 4042 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 18:24:07 (29 minutes ago)	(mod_security) mod_security (id:210492) triggered by 3.139.95.210 (ec2-3-139-95-210.us-east-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 3.139.95.210 (ec2-3-139-95-210.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:24:01.710679 2026] [security2:error] [pid 17900:tid 17900] [client 3.139.95.210:60450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.88"] [uri "/.git/refs/heads/main"] [unique_id "ajQ3wRpf5lwLlZtlgJIGgAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-18 17:37:31 (1 hour ago)	tcp port scan (18 or more attempts)	Port Scan
🇺🇸 masterguru	2026-06-18 17:33:19 (1 hour ago)	Host header is a numeric IP address. Pattern match "^ (920350-164)	Hacking Bad Web Bot
🇺🇸 wteiken	2026-06-18 16:59:06 (1 hour ago)	rocinante.teiken.net:443 3.139.95.210:45168 - - [18/Jun/2026:12:58:54 -0400] "GET /.git/HEAD HTTP/1. ... show more rocinante.teiken.net:443 3.139.95.210:45168 - - [18/Jun/2026:12:58:54 -0400] "GET /.git/HEAD HTTP/1.1" 404 4197 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" rocinante.teiken.net:443 3.139.95.210:38724 - - [18/Jun/2026:12:59:01 -0400] "GET /.git/index HTTP/1.1" 404 4196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" rocinante.teiken.net:443 3.139.95.210:38732 - - [18/Jun/2026:12:59:01 -0400] "GET /.env HTTP/1.1" 404 4197 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" rocinante.teiken.net:80 3.139.95.210:51770 - - [18/Jun/2026:12:59:03 -0400] "GET /.env.local HTTP/1.1" 301 591 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" rocinante.teiken.net:443 3.139.95.210:38766 - - [18/Jun/2026:12:59:03 -0400] "GET /.env.production HTTP/ ... show less	Web App Attack
🇨🇦 smithoo4	2026-06-18 16:28:51 (2 hours ago)	3.139.95.210 - - [18/Jun/2026:12:28:50 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (comp ... show more 3.139.95.210 - - [18/Jun/2026:12:28:50 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 3.139.95.210 - - [18/Jun/2026:12:28:50 -0400] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Port Scan Bad Web Bot
🇻🇳 trung.fun	2026-06-18 16:22:33 (2 hours ago)	DDoS, Hack, Brute Force, Web Attack ...	DDoS Attack Web Spam Hacking Brute-Force Web App Attack
🇺🇸 MPL	2026-06-18 16:16:43 (2 hours ago)	tcp port scan (9 or more attempts)	Port Scan
🇮🇪 AutosOnShow	2026-06-18 16:03:04 (2 hours ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-18 16:02:15.506 \|	Web App Attack
🇫🇷 Duggy_Tuxy🧱	2026-06-18 15:52:29 (3 hours ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇩🇪 SCHAPPY	2026-06-18 15:31:42 (3 hours ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Web App Attack Hacking
🇺🇸 pixiekat	2026-06-18 15:16:18 (3 hours ago)	[Thu Jun 18 15:16:17.842049 2026] [authz_core:error] [pid 190921:tid 190924] [client 3.139.95.210:46 ... show more [Thu Jun 18 15:16:17.842049 2026] [authz_core:error] [pid 190921:tid 190924] [client 3.139.95.210:46860] AH01630: client denied by server configuration: /var/www/html/.env [Thu Jun 18 15:16:17.901263 2026] [authz_core:error] [pid 190942:tid 190966] [client 3.139.95.210:46872] AH01630: client denied by server configuration: /var/www/html/.env.local [Thu Jun 18 15:16:17.970838 2026] [authz_core:error] [pid 190942:tid 190974] [client 3.139.95.210:46880] AH01630: client denied by server configuration: /var/www/html/.env.production [Thu Jun 18 15:16:18.132645 2026] [authz_core:error] [pid 190921:tid 190936] [client 3.139.95.210:46886] AH01630: client denied by server configuration: /var/www/html/.env.backup [Thu Jun 18 15:16:18.311053 2026] [authz_core:error] [pid 190921:tid 190928] [client 3.139.95.210:46902] AH01630: client denied by server configuration: /var/www/html/.env.save ... show less	Brute-Force
🇫🇷 vincent_EUDIER	2026-06-18 14:00:00 (4 hours ago)	SURICATA HTTP unable to match response to request	Hacking
🇺🇸 TPI-Abuse	2026-06-18 13:42:37 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 3.139.95.210 (ec2-3-139-95-210.us-east-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 3.139.95.210 (ec2-3-139-95-210.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 09:42:31.043834 2026] [security2:error] [pid 32049:tid 32049] [client 3.139.95.210:50188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.20"] [uri "/.git/HEAD"] [unique_id "ajP1x_pzdjaiX8giKOsI5wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 13:16:51 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 3.139.95.210 (ec2-3-139-95-210.us-east-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 3.139.95.210 (ec2-3-139-95-210.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 09:16:44.451510 2026] [security2:error] [pid 14386:tid 14386] [client 3.139.95.210:44416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.93"] [uri "/.git/config"] [unique_id "ajPvvBVEaqp2WWKBsOi9egAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 217.107.199.226

🇺🇸 209.85.210.195

🇺🇸 172.174.211.122

🇺🇸 108.62.60.142

🇵🇱 82.29.227.213

🇨🇳 58.34.152.146

🇺🇸 34.181.173.177

🇹🇭 14.207.141.115

🇨🇦 4.204.204.10

🇺🇸 205.210.31.95

🇧🇷 170.244.70.189

🇭🇰 114.111.52.109

🇮🇩 103.188.170.9

🇨🇦 20.104.203.253

🇹🇼 198.235.24.102

🇳🇱 173.194.169.91

🇺🇸 172.236.228.222

🇺🇸 165.154.134.19

🇺🇸 162.216.150.212

🇵🇭 150.228.187.196