JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.25.50

65.111.25.50 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.25.50

Whois 65.111.25.50

IP Abuse Reports for 65.111.25.50:

This IP address has been reported a total of 24 times from 12 distinct sources. 65.111.25.50 was first reported on June 28th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-04-24 00:33:48 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇮🇹 VHosting	2026-03-14 02:00:11 (2 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-03-12 07:45:06 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 solution.it	2025-12-10 16:56:25 (5 months ago)	[Wed Dec 10 17:56:24.647463 2025] [php7:error] [pid 3172500:tid 3172500] [client 65.111.25.50:28415] ... show more [Wed Dec 10 17:56:24.647463 2025] [php7:error] [pid 3172500:tid 3172500] [client 65.111.25.50:28415] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:55:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:55:51.638160 2025] [security2:error] [pid 16716:tid 16716] [client 65.111.25.50:47497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.masterpiecemorgans.com"] [uri "/.env"] [unique_id "aSU21-W8IqqCROqo9Qd6-gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:19:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:19:11.420390 2025] [security2:error] [pid 7415:tid 7415] [client 65.111.25.50:43635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cultiplant.com"] [uri "/.git/HEAD"] [unique_id "aSUuP9mDpnHyjlETuLyHowAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:38:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:37:58.825600 2025] [security2:error] [pid 27810:tid 27810] [client 65.111.25.50:60411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mmipro.com"] [uri "/.git/HEAD"] [unique_id "aSUklj1Ix4oQJ_YdSRNFsAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:46:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:46:28.826753 2025] [security2:error] [pid 20009:tid 20009] [client 65.111.25.50:22685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lspfest.com"] [uri "/.git/HEAD"] [unique_id "aSUYhJDlONs0IKJ84MsszQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:05:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:05:27.615820 2025] [security2:error] [pid 11561:tid 11561] [client 65.111.25.50:26251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.getmypov.com"] [uri "/.env"] [unique_id "aSUA10Iw5x4FHC3zyxYCcQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:15:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:15:48.819562 2025] [security2:error] [pid 19986:tid 19986] [client 65.111.25.50:44809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thepianosmith.com"] [uri "/.git/HEAD"] [unique_id "aSQiRJ20JjEr8m2TNQAsNAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:21:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:21:20.073647 2025] [security2:error] [pid 27184:tid 27184] [client 65.111.25.50:11885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ulrike-petri.de"] [uri "/.svn/wc.db"] [unique_id "aSQHcI9E3CyyB_r2GhTuYgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:43:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:43:39.086140 2025] [security2:error] [pid 11601:tid 11601] [client 65.111.25.50:21729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.tolenaar.com"] [uri "/.svn/wc.db"] [unique_id "aSP-m7wGRQT4Uqhcg89qjgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:29:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:29:45.133015 2025] [security2:error] [pid 6391:tid 6391] [client 65.111.25.50:32903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.patanthony.com"] [uri "/.git/HEAD"] [unique_id "aSPfObmAsrL3IpvllfaE3QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:45:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:45:48.561522 2025] [security2:error] [pid 3965258:tid 3965293] [client 65.111.25.50:60363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.careofsouls.org"] [uri "/.env"] [unique_id "aSPU7MhgZFlRjqvFbohu0QAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-07 16:27:54 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 119.18.55.118

🇳🇱 5.83.143.117

🇺🇸 209.90.232.26

🇩🇪 185.242.3.226

🇺🇸 173.244.60.155

🇳🇱 158.94.211.16

🇺🇸 154.52.9.55

🇵🇰 137.59.229.148

🇫🇷 62.210.209.225

🇺🇸 47.251.141.39

🇸🇬 43.156.202.34

🇺🇸 34.58.150.211

🇺🇸 198.2.184.57

🇧🇯 154.72.113.233

🇱🇧 141.105.81.218

🇺🇸 66.175.211.52

🇸🇬 52.237.80.79

🇺🇸 45.39.60.82

🇸🇬 34.143.158.76

🇰🇷 1.247.216.26