JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.23.116

65.111.23.116 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.23.116

Whois 65.111.23.116

IP Abuse Reports for 65.111.23.116:

This IP address has been reported a total of 19 times from 10 distinct sources. 65.111.23.116 was first reported on June 28th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-06-01 09:33:37 (6 days ago)	2.185 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-13 12:34:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:33:57.062050 2026] [security2:error] [pid 3555411:tid 3555472] [client 65.111.23.116:54725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bluetigertees.com"] [uri "/.svn/wc.db"] [unique_id "aWY7tcDTJSHkNbhpvW4qZAAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-13 11:55:24 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-11-26 10:42:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:42:47.350356 2025] [security2:error] [pid 17267:tid 17267] [client 65.111.23.116:60459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.southfloridachoppers.com"] [uri "/.env"] [unique_id "aSbZp_XQ-kVjxQDmoezFcwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:09:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:09:31.222901 2025] [security2:error] [pid 2508:tid 2508] [client 65.111.23.116:58563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.alessiaalessandra.com"] [uri "/.svn/wc.db"] [unique_id "aSanq6h5s7mtQDTlSgMKYgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:32:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:32:37.149415 2025] [security2:error] [pid 538:tid 538] [client 65.111.23.116:23313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.garrelsms.com"] [uri "/.svn/wc.db"] [unique_id "aSaQ9ZVSv6ze6Fww_o0TFwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:09:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:09:51.921597 2025] [security2:error] [pid 2349:tid 2349] [client 65.111.23.116:58997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.strawusa.com"] [uri "/.env"] [unique_id "aSZTX_2mDfbytij6cp64AwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-24 11:11:33 (6 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-24 07:31:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:31:31.404937 2025] [security2:error] [pid 1440:tid 1440] [client 65.111.23.116:9091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "astrology7.com"] [uri "/.git/HEAD"] [unique_id "aSQJ03NSq3gUCPDERl0XBwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:12:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:12:33.598052 2025] [security2:error] [pid 13941:tid 13980] [client 65.111.23.116:19815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.metaphysicalinstitute.com.aafm.us"] [uri "/.git/HEAD"] [unique_id "aSQFYfSSVFm8noxFLWxWTgAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:29:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:04.372762 2025] [security2:error] [pid 3404982:tid 3404982] [client 65.111.23.116:43723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.readyaiminspire.com"] [uri "/.env"] [unique_id "aSP7MBXkY6q2MnCGZTZgVwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-11-13 20:50:27 (6 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.23.116 2025-11-13T21:44:52+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.23.116 2025-11-13T21:44:52+01:00 vpn Access-Reject 'sotv02' station: 65.111.23.116 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-08 07:13:48 (6 months ago)	WP Login Scan Activities	Web App Attack
🇨🇿 lp	2025-10-27 01:21:28 (7 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.23.116 2025-10-27T01:31:24+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.23.116 2025-10-27T01:31:24+01:00 vpn Access-Reject 'sotv02' station: 65.111.23.116 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇩🇪 Admins@FBN	2025-01-15 18:15:18 (1 year ago)	VPN Logon Failed: AAA user authentication Rejected user = <Admin>	Brute-Force Exploited Host

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.188.187.85

🇵🇭 131.226.111.190

🇮🇳 103.195.81.146

🇮🇩 210.210.155.71

🇺🇸 157.245.118.253

🇨🇳 110.177.182.120

🇿🇦 105.245.60.49

🇳🇱 45.156.87.13

🇶🇦 37.210.119.245

🇮🇩 36.82.45.61

🇩🇪 213.209.159.241

🇯🇵 207.56.229.243

🇨🇦 178.93.201.138

🇨🇳 112.31.93.229

🇳🇱 91.92.42.158

🇺🇸 64.62.197.79

🇫🇷 62.210.209.225

🇹🇼 58.115.51.246

🇸🇬 8.219.222.66

🇵🇰 223.123.72.104