JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.25.148

65.111.25.148 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.25.148

Whois 65.111.25.148

IP Abuse Reports for 65.111.25.148:

This IP address has been reported a total of 21 times from 6 distinct sources. 65.111.25.148 was first reported on January 24th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 18:55:37 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:55:32.622090 2026] [security2:error] [pid 7708:tid 7708] [client 65.111.25.148:33035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.daviddholt.com"] [uri "/.git/HEAD"] [unique_id "aimzJL0_LmrN_iLGz831qwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 14:07:09 (3 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:43:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:43:54.856594 2026] [security2:error] [pid 2503607:tid 2503636] [client 65.111.25.148:42987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leaderoftheopposition.com"] [uri "/test/.git/config"] [unique_id "aY8qmj86x5YlvjXGQoAQswAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:11:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:11:39.943016 2026] [security2:error] [pid 5361:tid 5361] [client 65.111.25.148:11283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikelynchphoto.com"] [uri "/site/.git/config"] [unique_id "aY8jC4fsl7L8v72aOlBU1AAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:53:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:53:18.944981 2026] [security2:error] [pid 23229:tid 23298] [client 65.111.25.148:58911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metalartgate.com"] [uri "/app/.env"] [unique_id "aY7mfhLdtPHrxckGmU3csAAAAYk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:46:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:46:40.920331 2026] [security2:error] [pid 13001:tid 13001] [client 65.111.25.148:17915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medgi.co"] [uri "/api/.git/config"] [unique_id "aY7I0EmTEQXKcKhZyYn8qwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:15:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:15:06.226608 2026] [security2:error] [pid 2427243:tid 2427243] [client 65.111.25.148:55365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matronasoy.com"] [uri "/dev/.git/config"] [unique_id "aY6zWnK-M0qyW3VPxFAbDAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:32:21 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.25.148 (DE/Germany/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.25.148 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:01:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:01:31.958852 2026] [security2:error] [pid 9667:tid 9667] [client 65.111.25.148:37507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manvsfoodlocations.com"] [uri "/.env.save"] [unique_id "aY6UC_NK3TjzBbwaOgBAEgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 00:52:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 19:52:32.284614 2026] [security2:error] [pid 4028:tid 4028] [client 65.111.25.148:43169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "macryder.com"] [uri "/frontend/.env"] [unique_id "aY510AnwfL4fUYigElt9gwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:00:50 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 20:05:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:05:54.365301 2026] [security2:error] [pid 20951:tid 20951] [client 65.111.25.148:9483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iceofparadise.com"] [uri "/.git/config"] [unique_id "aY4yoi6v4JQTXD2TL_9leAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 18:07:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:07:21.223441 2026] [security2:error] [pid 8475:tid 8475] [client 65.111.25.148:61045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drlaurengardner.com"] [uri "/.env"] [unique_id "aY4W2WTvX7ZysYsATL46hwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:27:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:27:05.824203 2026] [security2:error] [pid 22612:tid 22612] [client 65.111.25.148:23031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dryprodrain.com"] [uri "/.git/config"] [unique_id "aY3_WeQW2THJWlgPKf8MIgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 16:03:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 11:03:14.882437 2025] [security2:error] [pid 17903:tid 17903] [client 65.111.25.148:57711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susanoneill.us"] [uri "/.svn/wc.db"] [unique_id "aTGwwvb4RcPc_ZCBVUJo7gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 210.79.142.221

🇲🇲 202.165.90.220

🇲🇴 125.31.2.160

🇮🇳 125.21.53.232

🇮🇳 103.214.61.21

🇩🇪 78.46.211.133

🇳🇱 45.148.10.240

🇮🇹 37.186.141.80

🇫🇷 207.180.248.38

🇺🇸 172.70.176.16

🇭🇰 152.32.215.226

🇰🇷 125.142.37.91

🇨🇳 117.33.242.180

🇺🇸 98.122.215.23

🇫🇷 91.196.152.91

🇧🇬 79.124.40.110

🇵🇷 70.45.152.226

🇺🇸 64.62.156.228

🇳🇱 45.156.128.177

🇩🇪 45.135.194.83