JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.25.72

65.111.25.72 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 39%: ?

39%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.25.72

Whois 65.111.25.72

IP Abuse Reports for 65.111.25.72:

This IP address has been reported a total of 41 times from 27 distinct sources. 65.111.25.72 was first reported on July 3rd 2024, and the most recent report was 26 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 solution.it	2026-06-29 20:53:19 (26 minutes ago)	[Mon Jun 29 22:53:18.846020 2026] [php7:error] [pid 3820733:tid 3820733] [client 65.111.25.72:41765] ... show more [Mon Jun 29 22:53:18.846020 2026] [php7:error] [pid 3820733:tid 3820733] [client 65.111.25.72:41765] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat, referer: https://solution.it/wp-login.php show less	Web App Attack
🇫🇷 ELYAZ	2026-06-26 09:27:51 (3 days ago)	(y4) Failed scan -byebye- from 65.111.25.72 (DE/Germany/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-25 03:26:43 (4 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.25.72 (DE/Germany/State of Berlin/Berlin ... show more (mod_security) mod_security (id:900001) triggered by 65.111.25.72 (DE/Germany/State of Berlin/Berlin/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 06:26:41.348375 2026] [security2:error] [pid 358184:tid 358221] [client 65.111.25.72:10949] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: villa-izabela.com"] [severity "CRITICAL"] [tag "security"] [hostname "villa-izabela.com"] [uri "/wp-login.php"] [unique_id "ajyf8aO2mzdLeHxqn3rcrgAAAUU"], referer: https://villa-izabela.com/wp-login.php show less	Port Scan
🇬🇧 spamverify.com	2026-06-25 01:10:42 (4 days ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇳🇿 billyborsht	2026-06-24 21:08:30 (5 days ago)	2026-06-25T09:08:29.864505+12:00 southern wordpress(kate.frykberg.co.nz)[1407245]: Authentication at ... show more 2026-06-25T09:08:29.864505+12:00 southern wordpress(kate.frykberg.co.nz)[1407245]: Authentication attempt for unknown user backupsystems from 65.111.25.72 ... show less	Hacking Web App Attack
🇫🇷 Sklurk	2026-06-23 04:01:00 (6 days ago)	Web App Attack	Web App Attack
🇬🇧 PeravixGroup	2026-05-03 18:23:52 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 consul.to	2026-02-15 12:49:00 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 11:36:39 (4 months ago)	Try to access /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:10:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:10:30.567148 2026] [security2:error] [pid 27916:tid 27916] [client 65.111.25.72:45745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stainedglass.ab.ca"] [uri "/v2/.git/config"] [unique_id "aZE5Jo8uRuALHKnxK0oCGwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:37:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:37:26.164752 2026] [security2:error] [pid 29437:tid 29437] [client 65.111.25.72:21397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n4ocw.com"] [uri "/.env.local"] [unique_id "aZExZtW3ARdT9NPL5IXINAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:49:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:49:10.462078 2026] [security2:error] [pid 10103:tid 10103] [client 65.111.25.72:34261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sourcecodeportal.com"] [uri "/.env"] [unique_id "aZEmFn9KBolnWJi59k19XAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 00:56:36 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:39:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:39:26.345763 2026] [security2:error] [pid 15442:tid 15442] [client 65.111.25.72:45383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ltscatering.com"] [uri "/admin/.git/config"] [unique_id "aZEVvkQUQ0jDThWWDku78gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:09:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:09:06.338893 2026] [security2:error] [pid 18597:tid 18597] [client 65.111.25.72:18517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "littlepeopledelivery.com"] [uri "/.env.staging"] [unique_id "aZEAkuT6ACiO-ThHnqmmwgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.216.192.197

🇪🇸 92.57.239.14

🇺🇸 66.132.172.238

🇺🇸 216.73.217.85

🇵🇪 201.218.159.3

🇧🇷 200.189.29.19

🇺🇸 147.185.132.49

🇨🇳 111.21.105.250

🇨🇳 106.75.184.36

🇨🇳 58.216.229.50

🇳🇱 45.148.10.121

🇬🇧 35.203.211.20

🇮🇳 34.14.214.227

🇺🇸 20.84.144.113

🇬🇧 195.206.182.217

🇮🇳 160.187.54.143

🇺🇸 159.223.134.116

🇨🇳 112.86.225.105

🇺🇸 107.173.85.253

🇮🇳 103.161.93.53