JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.239.96.10

3.239.96.10 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 4%: ?

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-3-239-96-10.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.239.96.10

Whois 3.239.96.10

IP Abuse Reports for 3.239.96.10:

This IP address has been reported a total of 15 times from 14 distinct sources. 3.239.96.10 was first reported on March 21st 2023, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 21:14:11 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 3.239.96.10 (ec2-3-239-96-10.compute-1.amazonaw ... show more (mod_security) mod_security (id:210492) triggered by 3.239.96.10 (ec2-3-239-96-10.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:14:07.064051 2026] [security2:error] [pid 24911:tid 24911] [client 3.239.96.10:45624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.countylockup.org"] [uri "/.git/HEAD"] [unique_id "akA9H7l9LF57vpj7C14oJwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-12-02 12:39:55 (2 years ago)	SSHD unauthorised connection attempt	Brute-Force SSH
🇩🇪 ghostwarriors	2023-12-01 16:50:03 (2 years ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
Anonymous	2023-11-29 07:01:24 (2 years ago)	Scanning	Port Scan
Anonymous	2023-11-29 05:05:28 (2 years ago)	[29/Nov/2023:16:05:27 +1100] "GET /%25 HTTP/1.1" 404 196 [29/Nov/2023:16:05:27 +1100] "GET /Res/logi ... show more [29/Nov/2023:16:05:27 +1100] "GET /%25 HTTP/1.1" 404 196 [29/Nov/2023:16:05:27 +1100] "GET /Res/login.html HTTP/1.1" 404 196 show less	Hacking Web App Attack
🇫🇷 Franck MEYER	2023-03-27 04:02:09 (3 years ago)	SSH login attempts with user root.	Brute-Force SSH
Anonymous	2023-03-25 12:27:03 (3 years ago)		Port Scan SSH
🇸🇬 itachi1706	2023-03-25 12:14:36 (3 years ago)	Mar 25 20:14:30 vmi996132 sshd[2849864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more Mar 25 20:14:30 vmi996132 sshd[2849864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.239.96.10 Mar 25 20:14:32 vmi996132 sshd[2849864]: Failed password for invalid user username from 3.239.96.10 port 59374 ssh2 Mar 25 20:14:35 vmi996132 sshd[2849864]: Connection closed by invalid user username 3.239.96.10 port 59374 [preauth] ... show less	Brute-Force SSH
Anonymous	2023-03-24 13:50:36 (3 years ago)	Mar 24 14:50:32 deb sshd[28078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ... show more Mar 24 14:50:32 deb sshd[28078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.239.96.10 Mar 24 14:50:34 deb sshd[28078]: Failed password for invalid user username from 3.239.96.10 port 60028 ssh2 ... show less	Brute-Force SSH
🇫🇷 security.rdmc.fr	2023-03-24 10:23:09 (3 years ago)	VoIP Attack proto:TCP src:36530 dst:5060	Fraud VoIP Port Scan
🇩🇪 niceshops.com	2023-03-24 07:47:49 (3 years ago)	Web Attack ([24/Mar/2023:08:47:48.606] GET /99vu)	Web App Attack
🇨🇭 abdullah	2023-03-24 03:02:08 (3 years ago)	Unauthorized connection attempt detected from IP address 3.239.96.10 to port 8080 (maple)	Port Scan
🇨🇳 ThreatBook.io	2023-03-21 23:12:34 (3 years ago)	ThreatBook Intelligence: Info more details on http://threatbook.io/ip/3.239.96.10	Brute-Force
🇫🇷 security.rdmc.fr	2023-03-21 21:49:39 (3 years ago)	VoIP Attack proto:TCP src:60774 dst:5060	Fraud VoIP Port Scan
🇫🇷 dsl	2023-03-21 20:03:47 (3 years ago)	Mar 21 20:03:43 dgserver sshd[4238]: Invalid user username from 3.239.96.10 port 60250 Mar 21 20:03: ... show more Mar 21 20:03:43 dgserver sshd[4238]: Invalid user username from 3.239.96.10 port 60250 Mar 21 20:03:43 dgserver sshd[4238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.239.96.10 Mar 21 20:03:46 dgserver sshd[4238]: Failed password for invalid user username from 3.239.96.10 port 60250 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.62.75.15

🇳🇱 45.148.10.121

🇩🇪 185.220.101.189

🇬🇧 45.133.173.72

🇺🇸 44.205.74.196

🇺🇸 40.112.183.29

🇺🇸 20.168.122.61

🇳🇱 204.76.203.81

🇩🇪 167.94.146.42

🇮🇩 103.253.245.96

🇮🇩 103.183.75.228

🇳🇱 78.142.18.172

🇧🇬 45.95.170.45

🇬🇧 23.161.169.127

🇺🇸 195.184.76.56

🇮🇩 182.253.156.184

🇨🇳 175.22.36.168

🇻🇳 160.22.171.138

🇳🇱 158.94.210.203

🇮🇱 147.235.199.134