JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.25.254

65.111.25.254 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.25.254

Whois 65.111.25.254

IP Abuse Reports for 65.111.25.254:

This IP address has been reported a total of 56 times from 23 distinct sources. 65.111.25.254 was first reported on July 4th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-24 21:31:17 (2 days ago)	WordPress Brute Force	Brute-Force
🇩🇪 HandyTreff.de	2026-05-11 13:08:55 (1 month ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -74.701 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -74.701 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: curl/8.7.1 show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-13 09:20:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:20:15.788072 2026] [security2:error] [pid 7861:tid 7861] [client 65.111.25.254:63639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lanistandifer.com"] [uri "/backup/.git/config"] [unique_id "aY7szxE7MM9TfdG3aU9CxgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 08:07:20 (4 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:17:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:17:49.759963 2026] [security2:error] [pid 1684:tid 1684] [client 65.111.25.254:55177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kulprid.com"] [uri "/.git/config"] [unique_id "aY7QHZeB1tSAM8CmLXmBbgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:30:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:30:03.235839 2026] [security2:error] [pid 26291:tid 26291] [client 65.111.25.254:36461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krakowski.org"] [uri "/admin/.git/config"] [unique_id "aY7E61G65XmEna477p49zQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:04:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:04:15.649537 2026] [security2:error] [pid 29564:tid 29564] [client 65.111.25.254:50791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kln.jp"] [uri "/backend/.env"] [unique_id "aY6wz_ug-KFJUspL7JkqNAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:30:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:30:34.486006 2026] [security2:error] [pid 19344:tid 19344] [client 65.111.25.254:33607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelting.net"] [uri "/backend/.env"] [unique_id "aY6Mygr0T-K4PwcjUxnmmAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:47:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:47:13.025063 2026] [security2:error] [pid 1783227:tid 1783234] [client 65.111.25.254:34959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaukabsiddique.net"] [uri "/admin/.git/config"] [unique_id "aY6CoSWC_k-0Ydu5YHabXAAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 aks4226	2026-02-12 20:08:32 (4 months ago)	Bot search, attacking common web applications.	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:34:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:34:34.560659 2026] [security2:error] [pid 3766576:tid 3766576] [client 65.111.25.254:40863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "askmedichat.com"] [uri "/.env"] [unique_id "aY4BGrAXzFW3lBUq1m7RBwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:56:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:56:44.070602 2026] [security2:error] [pid 6719:tid 6719] [client 65.111.25.254:46329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bkspeck.com"] [uri "/.git/config"] [unique_id "aY34PLH6QthWf6ac33raTAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-11 22:59:58 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-11	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-11 22:06:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 17:06:12.945636 2026] [security2:error] [pid 12332:tid 12332] [client 65.111.25.254:31277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cozydesignae.com"] [uri "/backend/.env"] [unique_id "aYz9VBCx_DtokbGwinSogwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 18:30:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 13:30:21.700855 2026] [security2:error] [pid 11078:tid 11078] [client 65.111.25.254:21793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "britishfolk.org"] [uri "/api/.git/config"] [unique_id "aYzKvT66rX5rWA_Gkmfy7wAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.4.202.238

🇨🇳 211.101.232.196

🇮🇳 49.37.9.2

🇷🇺 45.91.64.7

🇧🇪 34.22.146.188

🇺🇸 205.210.31.80

🇩🇿 197.140.142.207

🇬🇧 195.140.214.29

🇲🇽 187.192.86.153

🇺🇸 172.56.233.78

🇺🇸 162.216.149.90

🇨🇳 117.50.211.254

🇳🇱 89.21.67.184

🇫🇷 85.217.140.20

🇹🇷 78.190.234.127

🇮🇶 65.20.237.191

🇭🇰 46.247.61.75

🇳🇱 45.148.10.200

🇻🇳 45.119.81.245

🇺🇸 45.66.211.49