JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.25.84

65.111.25.84 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.25.84

Whois 65.111.25.84

IP Abuse Reports for 65.111.25.84:

This IP address has been reported a total of 34 times from 15 distinct sources. 65.111.25.84 was first reported on June 27th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-21 21:59:55 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-05-21	Web App Attack SSH Hacking
🇳🇱 oisecnet	2026-05-03 21:02:35 (1 month ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-05-03. 1 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-05-03. 1 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 xserverx.ru	2026-04-27 10:52:51 (1 month ago)	Honeypot triggered: IP: 65.111.25.84 Request to: https://xserverx.ru//static.cloudflareinsights.com/ ... show more Honeypot triggered: IP: 65.111.25.84 Request to: https://xserverx.ru//static.cloudflareinsights.com/beacon.min.js Method: GET Host: xserverx.ru User-Agent: Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 NokiaE90-1/07.24.0.3; Profile/MIDP-2.0 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413 UP.Link/6.2.3.18.0 Referer: Direct Country: DE ASN: Unknown Triggered rules: /beacon\.min\.js Timestamp: 2026-04-27T10:52:51.217Z show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:14:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:14:32.759395 2026] [security2:error] [pid 4387:tid 4387] [client 65.111.25.84:52639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pappakotis.net"] [uri "/admin/.git/config"] [unique_id "aZG4qNWYBTqEy7G0qJhYcwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:27:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:27:38.845564 2026] [security2:error] [pid 18449:tid 18449] [client 65.111.25.84:64277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxygenfarm.com"] [uri "/.env.staging"] [unique_id "aZGtqmlteaN85C-kNMLTigAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:52:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:52:52.143526 2026] [security2:error] [pid 24623:tid 24623] [client 65.111.25.84:61477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oruguitas.org"] [uri "/admin/.git/config"] [unique_id "aZGlhARfuZhk_XjwXkBx9QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 06:45:32 (3 months ago)	Try to access /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:59:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:59:00.224644 2026] [security2:error] [pid 28814:tid 28814] [client 65.111.25.84:55377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schlegelcreative.com"] [uri "/backup/.git/config"] [unique_id "aZFgpC1bAViNu3jN9wvTvAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:39:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:39:42.991094 2026] [security2:error] [pid 2971:tid 2971] [client 65.111.25.84:15607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scala-global.com"] [uri "/v2/.git/config"] [unique_id "aZFcHp3_IJApVH4lob3eBQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:17:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:17:45.064297 2026] [security2:error] [pid 28090:tid 28090] [client 65.111.25.84:39483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "primestatepainting.com"] [uri "/app/.git/config"] [unique_id "aZFW-UWM5UU3vUl36lDEvgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:31:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:31:30.696067 2026] [security2:error] [pid 1326089:tid 1326089] [client 65.111.25.84:29627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nutandboltguy.com"] [uri "/.env"] [unique_id "aZFMIp_vX996KVoHCdr-_QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:59:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:59:09.685506 2026] [security2:error] [pid 31310:tid 31310] [client 65.111.25.84:41027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notepromd.com"] [uri "/backup/.git/config"] [unique_id "aZFEjThKk-IopUttuCme5AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:54:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:54:20.034024 2026] [security2:error] [pid 2297:tid 2297] [client 65.111.25.84:32449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nihlabs.org"] [uri "/app/.env"] [unique_id "aZE1XEC3W7P5BGPaiJGltgAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:19:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:19:17.855115 2026] [security2:error] [pid 29752:tid 29752] [client 65.111.25.84:63947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "platinumkissband.com"] [uri "/site/.git/config"] [unique_id "aZEtJcfcmJ6X42utRiFXOgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:34:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.25.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:34:17.359447 2026] [security2:error] [pid 23591:tid 23591] [client 65.111.25.84:36235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "needtoorder.us"] [uri "/app/.git/config"] [unique_id "aZEimXE3ANV8WfZSHIKQiwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 185.226.93.242

🇨🇳 115.151.72.155

🇸🇬 47.128.121.154

🇭🇰 43.154.138.234

🇨🇦 15.235.96.191

🇺🇸 5.181.219.63

🇨🇳 218.26.204.42

🇳🇱 195.178.110.30

🇱🇹 194.165.16.166

🇬🇧 188.240.59.36

🇧🇷 179.185.1.97

🇪🇨 177.53.215.134

🇺🇸 162.216.150.65

🇦🇺 158.178.141.16

🇺🇦 128.0.104.39

🇮🇷 84.47.205.84

🇭🇰 47.82.124.98

🇺🇸 23.23.137.202

🇰🇷 8.220.208.26

🇸🇬 8.219.149.201