JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.209.199.125

185.209.199.125 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 59%: ?

59%

ISP	31173 Services AB infrastructure in Gothenburg, SE.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39351
Domain Name	31173.se
Country	🇸🇪 Sweden
City	Gothenburg, Vastra Gotaland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.209.199.125

Whois 185.209.199.125

IP Abuse Reports for 185.209.199.125:

This IP address has been reported a total of 25 times from 19 distinct sources. 185.209.199.125 was first reported on May 30th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 21:00:23 (1 week ago)	"GET /.git/index HTTP/1.1"	Hacking Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-11 13:09:02 (1 week ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx01,mx02,mx03,wa ... show more Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx01,mx02,mx03,wa01,wa02] show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:48:17 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:48:14.319307 2026] [security2:error] [pid 1994:tid 2020] [client 185.209.199.125:38064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bullfrogspond.com"] [uri "/.git/index"] [unique_id "aiqSbjryi-W6UENFoVXAyAAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-11 10:39:19 (1 week ago)	127 requests with url.path .git/	Brute-Force Bad Web Bot
🇩🇪 big-cloud.nl	2026-06-11 10:33:56 (1 week ago)	Try to access /.git/index	Web App Attack
Anonymous	2026-06-11 10:30:02 (1 week ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:13:22 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:13:14.442098 2026] [security2:error] [pid 20262:tid 20262] [client 185.209.199.125:55926] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "briannalls.com"] [uri "/.git/index"] [unique_id "aiqKOvLv0qWwd18hVzTzTgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2026-06-11 09:55:38 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 09:52:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 05:52:14.011074 2026] [security2:error] [pid 16643:tid 16643] [client 185.209.199.125:57504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bowerwood.com"] [uri "/.git/index"] [unique_id "aiqFTpArpZp4GRymzDvwmwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-06-11 09:32:47 (1 week ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 09:14:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 05:14:22.145275 2026] [security2:error] [pid 2608:tid 2608] [client 185.209.199.125:40622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bmbb1.com"] [uri "/.git/index"] [unique_id "aip8btr00Prs8NVUBDFXnQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 08:42:51 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:42:43.728802 2026] [security2:error] [pid 23064:tid 23064] [client 185.209.199.125:56474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackballprojects.com"] [uri "/.git/index"] [unique_id "aip1Aw4pTF5Vo081Gp2WmgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 _tom	2026-06-11 08:15:37 (1 week ago)	Automated report (2026-06-11T10:15:37+02:00). Caught probing for exposed Git data.	Hacking Web App Attack Open Proxy VPN IP
🇺🇸 TPI-Abuse	2026-06-11 08:11:31 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.209.199.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:11:24.724776 2026] [security2:error] [pid 28642:tid 28642] [client 185.209.199.125:43438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigredgraphicdesign.com"] [uri "/.git/index"] [unique_id "aiptrF3pZe8I2S0cIZAFIgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-11 08:05:44 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 170.187.165.218

🇮🇩 103.154.231.122

🇳🇱 45.148.10.230

🇲🇽 187.191.48.23

🇺🇸 172.191.157.64

🇺🇸 137.184.133.235

🇫🇷 91.231.89.140

🇨🇳 223.241.247.227

🇺🇸 205.210.31.25

🇺🇸 162.216.149.244

🇺🇸 147.185.132.179

🇳🇱 91.92.40.231

🇳🇱 45.148.10.152

🇺🇸 45.55.151.3

🇻🇳 42.96.19.37

🇧🇪 198.235.24.181

🇳🇱 176.65.148.228

🇫🇷 85.217.140.42

🇮🇷 85.198.19.251

🇩🇪 209.50.186.219