JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.25.227.213

3.25.227.213 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 63%: ?

63%

ISP	Amazon Corporate Services Pty Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com
Domain Name	amazon.com.au
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.25.227.213

Whois 3.25.227.213

IP Abuse Reports for 3.25.227.213:

This IP address has been reported a total of 34 times from 10 distinct sources. 3.25.227.213 was first reported on June 3rd 2026, and the most recent report was 14 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 01:21:40 (14 minutes ago)	(mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:21:37.499385 2026] [security2:error] [pid 29314:tid 29314] [client 3.25.227.213:52167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bkspeck.com"] [uri "/.env"] [unique_id "aiYZIZzemuM3d_lI6eEgzAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 [email protected]	2026-06-05 06:22:02 (2 days ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-05T06:22:02Z	Brute-Force
🇺🇸 [email protected]	2026-06-05 06:00:05 (2 days ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-05T06:00:05Z	Brute-Force
🇺🇸 [email protected]	2026-06-05 02:49:17 (2 days ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-05T02:49:17Z	Brute-Force
🇳🇱 homeshowdomain.nl	2026-06-04 21:59:45 (3 days ago)	Auto-ban: >3000 req/min op 2026-06-04	Web App Attack SSH Hacking
🇺🇸 jkhorvath.com	2026-06-04 18:26:13 (3 days ago)	Request for URL /.env	Phishing Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-04 17:52:50 (3 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 15:37:36 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 11:37:30.032742 2026] [security2:error] [pid 4605:tid 4605] [client 3.25.227.213:49321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alanbeckwith.com"] [uri "/.env"] [unique_id "aiGbuun-JkoRiLf3gfhIDgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 15:19:13 (3 days ago)	(mod_security) mod_security (id:949110) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:949110) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 11:19:05.836458 2026] [security2:error] [pid 23768:tid 23768] [client 3.25.227.213:60801] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "akistech.com"] [uri "/.env"] [unique_id "aiGXacbfvxbzJivO7NSbrgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 14:57:53 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:57:48.267699 2026] [security2:error] [pid 27468:tid 27468] [client 3.25.227.213:62515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aivosminerals.com"] [uri "/.env"] [unique_id "aiGSbOcN_mIWdHnweHUVHgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 14:21:27 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:21:21.853291 2026] [security2:error] [pid 14942:tid 14942] [client 3.25.227.213:55642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aim-controls.com"] [uri "/.env"] [unique_id "aiGJ4bz_ba6h1FuOsfHRhAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-04 14:05:05 (3 days ago)	[ThuJun0416:05:00.2786182026][security2:error][pid299923:tid300776][client3.25.227.213:0]ModSecurity ... show more [ThuJun0416:05:00.2786182026][security2:error][pid299923:tid300776][client3.25.227.213:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"aid-consultancy.com\"][uri\"/.env\"][unique_id\"aiGGDNEeFWSfy0EdWbzfBwAAAQk\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 13:45:35 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:45:29.869012 2026] [security2:error] [pid 28501:tid 28501] [client 3.25.227.213:62236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ahsigns.com"] [uri "/.env"] [unique_id "aiGBeVxSiONyPpsUDAMntgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 13:29:48 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.c ... show more (mod_security) mod_security (id:210492) triggered by 3.25.227.213 (ec2-3-25-227-213.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:29:41.751109 2026] [security2:error] [pid 24036:tid 24036] [client 3.25.227.213:49883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ags-ga.com"] [uri "/.env"] [unique_id "aiF9xaB_d8IXEruFvMbXRQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 securejdprop	2026-06-04 13:29:27 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 37.10.113.220

🇺🇸 216.25.89.110

🇸🇮 172.216.15.118

🇮🇳 154.84.242.115

🇺🇸 138.2.235.174

🇺🇸 137.184.38.115

🇨🇳 58.42.204.29

🇬🇧 35.203.211.170

🇺🇸 34.162.12.20

🇬🇧 2a06:4880:8000::9e

🇳🇱 193.176.31.233

🇮🇩 180.252.240.228

🇵🇰 153.117.13.174

🇮🇳 117.202.186.24

🇷🇺 82.202.141.164

🇱🇹 77.90.185.80

🇺🇸 64.62.156.142

🇮🇳 34.14.209.155

🇺🇸 207.90.244.2

🇬🇧 193.163.125.123