AbuseIPDB » 3.98.138.59
3.98.138.59 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 31% : ?
ISP
Amazon Data Services Canada
Usage Type
Data Center/Web Hosting/Transit
ASN
AS16509
Hostname(s)
ec2-3-98-138-59.ca-central-1.compute.amazonaws.com
Domain Name
amazon.com
Country
π¨π¦
Canada
City
Montreal, Quebec
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 3.98.138.59 :
This IP address has been reported a total of
8
times from
4 distinct
sources.
3.98.138.59 was first reported on
July 16th 2026 , and the most recent report was
11 hours ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π³π±
Site.eu
2026-07-18 08:03:35
(11 hours ago)
Excessive 404/403 errors
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-18 04:44:35
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 00:44:27.661416 2026] [security2:error] [pid 1701232:tid 1701232] [client 3.98.138.59:56996] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whiterhinogroup.net"] [uri "/.git/config"] [unique_id "alsEq8XE1jfnRPRSN18WhgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-17 22:00:08
(21 hours ago)
Auto-ban: >3000 req/min op 2026-07-17
Web App Attack
SSH
Hacking
Anonymous
2026-07-17 08:59:14
(1 day ago)
(caddyscan) Scanner path probe from 3.98.138.59 (CA/Canada/ec2-3-98-138-59.ca-central-1.compute.amaz ...
show more
(caddyscan) Scanner path probe from 3.98.138.59 (CA/Canada/ec2-3-98-138-59.ca-central-1.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 3.98.138.59 - - [17/Jul/2026:08:59:09 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 3.98.138.59 - - [17/Jul/2026:08:59:09 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 3.98.138.59 - - [17/Jul/2026:08:59:09 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 3.98.138.59 - - [17/Jul/2026:08:59:09 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 3.98.138.59 - - [17/Jul/2026:08:59:09 +0000] "GET /.env.staging HTTP/1.1"
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-07-17 01:50:53
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:50:48.534441 2026] [security2:error] [pid 152953:tid 152953] [client 3.98.138.59:59334] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.copierscharlotte.computersraleigh.com"] [uri "/.git/config"] [unique_id "almKeNPJ4uox1TXP73iTLAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-17 00:47:11
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:47:05.722927 2026] [security2:error] [pid 30005:tid 30009] [client 3.98.138.59:53566] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.thebiglies.com"] [uri "/.git/config"] [unique_id "all7iZ9U2f6FPrEAGxDSXAAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-16 13:12:58
(2 days ago)
Excessive 404/403 errors
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-16 12:41:17
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.98.138.59 (ec2-3-98-138-59.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:41:10.316299 2026] [security2:error] [pid 17371:tid 17371] [client 3.98.138.59:60538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jazziiafoundation.jazziientertainment.com"] [uri "/.git/config"] [unique_id "aljRZgH3nrxB0a8A6nWN3AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: