JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.95.28.47

3.95.28.47 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 15%: ?

15%

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-3-95-28-47.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.95.28.47

Whois 3.95.28.47

IP Abuse Reports for 3.95.28.47:

This IP address has been reported a total of 5 times from 2 distinct sources. 3.95.28.47 was first reported on June 21st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-22 22:03:47 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-21. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-22 01:40:00 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws. ... show more (mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:39:55.555460 2026] [security2:error] [pid 10034:tid 10051] [client 3.95.28.47:49602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.killerrockandroll.com"] [uri "/.git/config"] [unique_id "ajiSa345Qf01-xLBQ-iTVgAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 01:18:53 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws. ... show more (mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:18:49.358160 2026] [security2:error] [pid 11960:tid 11960] [client 3.95.28.47:35392] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ironsightsarmory.com"] [uri "/.git/config"] [unique_id "ajiNec6_zMUeJiRfEvd50QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 00:07:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws. ... show more (mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 20:07:11.427566 2026] [security2:error] [pid 5834:tid 5834] [client 3.95.28.47:38236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "illinois-online.org"] [uri "/.git/HEAD"] [unique_id "ajh8r-gM3_un7gkChnu3sgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 20:25:12 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws. ... show more (mod_security) mod_security (id:210492) triggered by 3.95.28.47 (ec2-3-95-28-47.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 16:25:08.178355 2026] [security2:error] [pid 25532:tid 25578] [client 3.95.28.47:51210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.goodfridaygolf.com"] [uri "/.git/HEAD"] [unique_id "ajhIpAu3Smj9ZcKUJorjCgAAANc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 109.91.4.177

🇺🇸 104.243.42.167

🇸🇬 103.250.11.176

🇹🇼 60.199.224.2

🇨🇳 36.110.172.218

🇳🇱 2.58.56.155

🇷🇺 213.33.182.183

🇷🇺 193.37.69.113

🇺🇸 91.230.168.2

🇫🇷 51.68.247.200

🇧🇪 34.78.23.28

🇨🇳 14.103.127.233

🇳🇱 5.61.209.43

🇮🇳 223.178.208.153

🇺🇸 172.202.26.119

🇺🇸 172.70.126.44

🇺🇸 156.239.42.225

🇮🇳 103.127.30.137

🇫🇮 37.228.129.128

🇳🇱 194.35.226.231