JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.23.217

65.111.23.217 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.23.217

Whois 65.111.23.217

IP Abuse Reports for 65.111.23.217:

This IP address has been reported a total of 18 times from 8 distinct sources. 65.111.23.217 was first reported on July 11th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-28 18:47:18 (1 week ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-03-05 08:27:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:27:01.254377 2026] [security2:error] [pid 5953:tid 6045] [client 65.111.23.217:32225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/17/735d713b778d0caed5e453f3f8e88ab7aa4baf"] [unique_id "aak-Ve9_LUubsM0EwzySewAAAdU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:50 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-26 05:57:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:57:41.345133 2025] [security2:error] [pid 24567:tid 24567] [client 65.111.23.217:39883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.questiondezyn.com"] [uri "/.env"] [unique_id "aSaW1c6xvLgKbou--sqbAQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:18:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:18:42.101418 2025] [security2:error] [pid 1771:tid 1771] [client 65.111.23.217:33959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.openmolecules.org"] [uri "/.git/HEAD"] [unique_id "aSZVckL9gBP9pjxNo1jWRwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:29:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:29:30.440844 2025] [security2:error] [pid 2156286:tid 2156286] [client 65.111.23.217:29503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.central-wi-coal-sales.hemihauling.com"] [uri "/.git/HEAD"] [unique_id "aSZJ6h0c2PitPDqpaGBa7AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:31:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:31:10.200216 2025] [security2:error] [pid 18522:tid 18522] [client 65.111.23.217:20289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.islanublarproperties.com"] [uri "/.git/HEAD"] [unique_id "aSQXzmrp-xxtP-57w6OhWwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:03:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:03:05.070498 2025] [security2:error] [pid 12103:tid 12141] [client 65.111.23.217:30857] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tahart1.plumeraproductions.com"] [uri "/.svn/wc.db"] [unique_id "aSQDKed3pxroRSWDTtpeBQAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:43:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:43:40.098106 2025] [security2:error] [pid 27699:tid 27699] [client 65.111.23.217:48189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ink2wear.com"] [uri "/.git/HEAD"] [unique_id "aSP-nIM_SqBrFniQxmK0rQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:26:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:26:46.525072 2025] [security2:error] [pid 15360:tid 15360] [client 65.111.23.217:44265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.aroilcontrolsystem.com"] [uri "/.svn/wc.db"] [unique_id "aSP6pqCbtgiweHfL0hIa3QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 00:46:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 19:46:42.113454 2025] [security2:error] [pid 12506:tid 12506] [client 65.111.23.217:50949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.americaismyhome.com"] [uri "/.svn/wc.db"] [unique_id "aSOq8kt4YrhTeWhkWtiHZwAAAGM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-16 09:16:19 (7 months ago)	WordPress Brute Force	Brute-Force
🇦🇺 oncord	2025-10-09 01:50:39 (7 months ago)	Form spam	Web Spam

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.64.106.117

🇺🇸 198.98.62.211

🇻🇪 190.97.236.222

🇫🇷 94.176.161.167

🇱🇺 64.89.160.167

🇺🇸 2620:171:fd:f0::236

🇴🇲 206.167.33.157

🇧🇪 198.235.24.205

🇺🇸 173.255.242.196

🇨🇳 115.190.171.196

🇨🇳 111.39.206.23

🇳🇱 88.151.33.24

🇬🇧 81.19.219.224

🇷🇺 46.188.119.26

🇺🇸 2603:3026:20b:7500:7dab:2a7c:f5d4:6319

🇨🇳 222.176.201.45

🇺🇸 172.202.118.72

🇨🇳 115.195.215.222

🇳🇱 85.121.127.24

🇳🇱 85.11.167.30