JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.23.2

65.111.23.2 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.23.2

Whois 65.111.23.2

IP Abuse Reports for 65.111.23.2:

This IP address has been reported a total of 35 times from 19 distinct sources. 65.111.23.2 was first reported on July 3rd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-05-15 00:36:52 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 65.111.23.2 (GB/United Kingdom/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 65.111.23.2 (GB/United Kingdom/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇧🇬 pa4080	2026-05-14 20:28:57 (1 month ago)	Detected by ModSecurity. Request URI: /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-setti ... show more Detected by ModSecurity. Request URI: /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings show less	Web App Attack
🇳🇱 cybertailor	2026-05-11 18:58:59 (1 month ago)	65.111.23.2 - - [11/May/2026:23:58:54 +0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravi ... show more 65.111.23.2 - - [11/May/2026:23:58:54 +0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 404 1982 "-" "curl/8.7.1" 65.111.23.2 - - [11/May/2026:23:58:55 +0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 404 1979 "-" "curl/8.7.1" 65.111.23.2 - - [11/May/2026:23:58:55 +0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 404 1978 "-" "curl/8.7.1" 65.111.23.2 - - [11/May/2026:23:58:56 +0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 404 1980 "-" "curl/8.7.1" 65.111.23.2 - - [11/May/2026:23:58:56 +0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 404 1980 "-" "curl/8.7.1" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 05:19:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 00:19:07.738727 2026] [security2:error] [pid 5134:tid 5134] [client 65.111.23.2:45249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artisticheadstones.com"] [uri "/config/.env"] [unique_id "aY1iywjJV44YNSvAxfLTsAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:53:07 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /dev/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:40 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-30 19:32:36 (5 months ago)	WP Login Scan Activities	Web App Attack
🇨🇦 SSH-Admin	2025-12-27 22:05:38 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-23 15:15:32 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-30 00:46:14 (6 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 12:27:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:27:19.411385 2025] [security2:error] [pid 14367:tid 14367] [client 65.111.23.2:11815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.customprintedweddingnapkins.com"] [uri "/.env"] [unique_id "aSbyJ6eCiA-M2mQ4sEaUxgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:55:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:55:12.493806 2025] [security2:error] [pid 20781:tid 20781] [client 65.111.23.2:10537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.idledog.com"] [uri "/.svn/wc.db"] [unique_id "aSbOgAU_G_Q-qsDpt5wCNgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:53:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:53:45.314461 2025] [security2:error] [pid 16824:tid 16859] [client 65.111.23.2:13773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cargosanibel.com"] [uri "/.svn/wc.db"] [unique_id "aSayCc97VZ-sS76jFmx-XwAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 06:05:33 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.110.147.58

🇬🇧 213.166.84.59

🇬🇧 193.163.125.218

🇩🇪 193.46.232.244

🇮🇳 139.59.6.237

🇨🇳 118.196.30.45

🇰🇷 111.171.125.94

🇮🇳 103.175.18.134

🇹🇼 101.13.4.124

🇨🇳 82.156.141.83

🇸🇬 43.156.109.78

🇬🇧 2a06:4880::14

🇺🇸 135.237.127.225

🇻🇳 103.1.210.25

🇭🇰 101.36.124.127

🇹🇼 101.13.5.195

🇫🇷 91.231.89.231

🇮🇷 89.41.245.249

🇱🇹 45.227.254.170

🇫🇷 2001:41d0:33d:9200::40f