JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.147.103.216

3.147.103.216 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 90%: ?

90%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-147-103-216.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.147.103.216

Whois 3.147.103.216

IP Abuse Reports for 3.147.103.216:

This IP address has been reported a total of 29 times from 16 distinct sources. 3.147.103.216 was first reported on June 2nd 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-05 22:02:03 (12 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-04. show less	Web App Attack SSH Hacking
🇳🇱 wlt-blocker	2026-06-05 17:51:02 (16 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇨🇭 backslash	2026-06-05 17:03:00 (17 hours ago)	block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-05 13:26:38 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 09:26:30.297279 2026] [security2:error] [pid 20448:tid 20456] [client 3.147.103.216:37832] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bertdecoutere.name"] [uri "/.env"] [unique_id "aiLOhvi24i-jSIQq43YSmAAAAUY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 08:06:22 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 04:06:19.632126 2026] [security2:error] [pid 23307:tid 23307] [client 3.147.103.216:52402] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bastardesign.com"] [uri "/.env"] [unique_id "aiKDe1XAXiWOonoH9gt6MQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 07:15:29 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 03:15:23.236109 2026] [security2:error] [pid 21305:tid 21305] [client 3.147.103.216:53078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barnesandbrower.com"] [uri "/.env"] [unique_id "aiJ3iwUS9m4fjYkF1uoU9QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-05 04:17:24 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 02:36:35 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 22:36:29.283467 2026] [security2:error] [pid 5099:tid 5099] [client 3.147.103.216:60122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backyard-relics.com"] [uri "/.env"] [unique_id "aiI2Lb56X9LlHAjN0nEdFQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-05 01:55:14 (1 day ago)	[FriJun0503:55:08.4285502026][security2:error][pid25526:tid25618][client3.147.103.216:0]ModSecurity: ... show more [FriJun0503:55:08.4285502026][security2:error][pid25526:tid25618][client3.147.103.216:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"b4consulting.ch\"][uri\"/www/.env\"][unique_id\"aiIsfKQ3u7F-81Ju7d7DpQAAAIo\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 23:18:28 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 19:18:25.403852 2026] [security2:error] [pid 20837:tid 20837] [client 3.147.103.216:45488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "avanyupublishing.com"] [uri "/.env"] [unique_id "aiIHwWu2ivIzije6QC_V0QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WellSpring	2026-06-04 22:30:04 (1 day ago)	env exposure on naturologie.com/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇩🇪 Bedios GmbH	2026-06-04 21:16:58 (1 day ago)	Login credentials theft attempt	Hacking
🇪🇸 Michael McCarthy	2026-06-04 17:59:07 (1 day ago)		Web Spam
🇺🇸 TPI-Abuse	2026-06-04 17:28:53 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 3.147.103.216 (ec2-3-147-103-216.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 13:28:46.322209 2026] [security2:error] [pid 23966:tid 23966] [client 3.147.103.216:50146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asburyrobotics.com"] [uri "/.env"] [unique_id "aiG1zqcc7DPZyeIPHHNkggAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-06-04 16:56:11 (1 day ago)	http-sensitive-files - IP: 3.147.103.216 - time="2026-06-04T18:56:10+02:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 3.147.103.216 - time="2026-06-04T18:56:10+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 3.147.103.216 (US/16509) : 4h ban on Ip 3.147.103.216" module=db show less	Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.132.28

🇻🇳 103.228.36.70

🇹🇳 196.179.222.30

🇱🇧 185.134.178.53

🇺🇸 162.216.149.16

🇺🇸 102.129.223.92

🇫🇷 91.196.152.88

🇺🇸 64.62.156.201

🇸🇬 54.255.170.116

🇫🇷 15.237.72.122

🇯🇵 13.231.157.169

🇺🇸 74.249.178.45

🇺🇸 18.97.14.90

🇬🇧 2a06:4880:6000::72

🇺🇸 216.24.212.30

🇿🇦 197.89.181.73

🇸🇬 148.66.132.204

🇫🇮 147.185.133.53

🇻🇳 125.212.217.143

🇧🇩 120.89.66.17