JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.25.194

65.111.25.194 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.25.194

Whois 65.111.25.194

IP Abuse Reports for 65.111.25.194:

This IP address has been reported a total of 22 times from 10 distinct sources. 65.111.25.194 was first reported on July 4th 2024, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-22 15:00:30 (13 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇦🇺 oncord	2026-03-02 19:24:49 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-24 00:13:46 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-23 15:56:02 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-20 23:41:17 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-11 10:19:37 (4 months ago)	Form spam	Web Spam
🇬🇧 oncord	2026-02-10 00:59:46 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-06 01:41:22 (4 months ago)	Form spam	Web Spam
Anonymous	2025-12-04 03:19:05 (6 months ago)	2025-12-04T05:19:05.660689+02:00 zanati wp(www.sahpa.co.za)[382700]: Blocked authentication attempt ... show more 2025-12-04T05:19:05.660689+02:00 zanati wp(www.sahpa.co.za)[382700]: Blocked authentication attempt for [email protected] from 65.111.25.194 ... show less	Web App Attack
🇧🇪 madeit	2025-11-27 12:26:24 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:33:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:33:02.695407 2025] [security2:error] [pid 132008:tid 132013] [client 65.111.25.194:60015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bbpuertadelsol.com"] [uri "/.env"] [unique_id "aSQYPgH-XN5lTt6cMbeBDgAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:46:04.481039 2025] [security2:error] [pid 2825:tid 2825] [client 65.111.25.194:14331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "auguststoten.com"] [uri "/.env"] [unique_id "aSQNPOKPXcboH6iyuSzGqgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:37:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:37:50.632880 2025] [security2:error] [pid 24167:tid 24167] [client 65.111.25.194:18369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anenchantingevening.com"] [uri "/.git/HEAD"] [unique_id "aSP9PvRYZdz8mNzhs5IS2QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:50:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:50:40.056414 2025] [security2:error] [pid 20120:tid 20120] [client 65.111.25.194:47207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.fatparrots.org"] [uri "/.git/HEAD"] [unique_id "aSPkIGSYVjy8chEJSYQxzwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:45:01 (7 months ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.249

🇸🇬 47.236.104.125

🇳🇱 45.148.10.121

🇨🇳 222.88.225.195

🇺🇸 216.25.89.156

🇨🇭 209.99.190.200

🇻🇪 190.97.245.43

🇳🇱 178.16.54.22

🇮🇳 135.13.17.137

🇨🇳 118.81.205.181

🇩🇪 69.5.169.179

🇺🇸 66.132.172.225

🇺🇸 207.90.244.18

🇺🇸 162.216.150.141

🇺🇸 162.216.149.88

🇺🇸 100.51.6.16

🇵🇱 95.214.53.157

🇺🇿 84.54.72.44

🇩🇪 69.5.169.154

🇬🇧 35.203.210.52