🇦🇺
RedBear IT
2026-03-26 10:00:37
(2 months ago)
"DDoS against public endpoint"
DDoS Attack
🇨🇦
SSH-Admin
2026-02-07 17:12:28
(3 months ago)
Probing for Exploits
Exploited Host
Web App Attack
🇪🇸
10dencehispahard SL
2026-01-12 07:23:30
(4 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
Anonymous
2026-01-05 20:38:51
(5 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp
Hacking
Brute-Force
🇺🇸
TPI-Abuse
2025-12-09 10:42:33
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 05:42:24.791573 2025] [security2:error] [pid 20181:tid 20181] [client 65.111.25.145:41651] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||primacomm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aTf9EE9s0SQH-1R8ozz_kAAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack
🇨🇦
SSH-Admin
2025-11-30 12:41:58
(6 months ago)
Probing for Exploits
Exploited Host
Web App Attack
🇺🇸
TPI-Abuse
2025-11-26 07:15:23
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:15:15.195752 2025] [security2:error] [pid 6904:tid 6904] [client 65.111.25.145:23019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.grayowl.com"] [uri "/.svn/wc.db"] [unique_id "aSapA4cYIduIFt7vDWLRGAAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-11-26 06:00:59
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:00:53.079267 2025] [security2:error] [pid 18703:tid 18703] [client 65.111.25.145:58885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.petesplaza.com"] [uri "/.svn/wc.db"] [unique_id "aSaXlX3Ykll9WMGMATytegAAAAw"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-11-26 01:11:29
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:11:23.786457 2025] [security2:error] [pid 5714:tid 5754] [client 65.111.25.145:58495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.promc.xyz"] [uri "/.git/HEAD"] [unique_id "aSZTu51DbV1MPBadQiJShwAAAFM"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-11-26 00:42:38
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:42:31.133782 2025] [security2:error] [pid 24271:tid 24271] [client 65.111.25.145:30487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dougscomputers.com"] [uri "/.svn/wc.db"] [unique_id "aSZM94HiUROpCPquahU5NQAAACs"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-11-26 00:11:13
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:11:05.932045 2025] [security2:error] [pid 18296:tid 18296] [client 65.111.25.145:56009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thestillwatergroup.com"] [uri "/.env"] [unique_id "aSZFmd4-IAw4dLTBIHQ5qwAAAAU"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-25 22:48:30
(6 months ago)
botnet
DDoS Attack
🇺🇸
TPI-Abuse
2025-11-24 07:29:18
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:29:10.163407 2025] [security2:error] [pid 11162:tid 11162] [client 65.111.25.145:26449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.3n1ent.com"] [uri "/.svn/wc.db"] [unique_id "aSQJRhd3NiQRYYAoFkTg7wAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-02-16 01:36:40
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 15 20:36:35.828217 2025] [security2:error] [pid 30034:tid 30034] [client 65.111.25.145:29541] [client 65.111.25.145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||americancryonics.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "americancryonics.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7FBI9TlYmImxkbze48xkwAAAAA"], referer: https://americancryonics.org
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-01-13 05:53:23
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 65.111.25.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 13 00:53:17.481878 2025] [security2:error] [pid 2921518:tid 2921528] [client 65.111.25.145:36167] [client 65.111.25.145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||richardleeweatherman.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "richardleeweatherman.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4SqTcnu4FWk7XIA3BMtbAAAAAY"], referer: https://richardleeweatherman.com
Brute-Force
Bad Web Bot
Web App Attack