JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.23.228

65.111.23.228 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.23.228

Whois 65.111.23.228

IP Abuse Reports for 65.111.23.228:

This IP address has been reported a total of 19 times from 10 distinct sources. 65.111.23.228 was first reported on October 12th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 06:42:33 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇮 Shaik Sai Meera	2025-12-28 01:30:13 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 jkhorvath.com	2025-12-27 20:24:37 (5 months ago)	Request for URL /.svn/wc.db	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:58:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:58:05.793339 2025] [security2:error] [pid 7516:tid 7516] [client 65.111.23.228:33349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airdeluxemusic.com"] [uri "/.svn/wc.db"] [unique_id "aVAQHe_U2PAKwsDgpQAOIgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:30:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:30:04.555310 2025] [security2:error] [pid 31135:tid 31135] [client 65.111.23.228:57565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "804websolutions.com"] [uri "/.env"] [unique_id "aVAJjARU6JYuiL2SIHDQSwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:11:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:11:17.833881 2025] [security2:error] [pid 10074:tid 10074] [client 65.111.23.228:57921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yakski.com"] [uri "/.git/HEAD"] [unique_id "aVAFJb1LWYLmhw5SCSwQuQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 13:18:12 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇮🇹 LTM	2025-12-26 07:20:02 (5 months ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:00:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:00:19.020977 2025] [security2:error] [pid 17918:tid 17918] [client 65.111.23.228:30301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.partybusdaytonabeach.com"] [uri "/.svn/wc.db"] [unique_id "aSQCg-L6931NJGhDSyGHswAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:57:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:57:18.390162 2025] [security2:error] [pid 18191:tid 18222] [client 65.111.23.228:26011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.credit-protector.com"] [uri "/.svn/wc.db"] [unique_id "aSPzvvZQzvcLISeGO1EddAAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-03 20:01:52 (8 months ago)	wordpress-trap	Web App Attack
🇺🇸 inspectorgdgt	2025-04-18 00:11:58 (1 year ago)	Failed login for non existing user sslvpn	DDoS Attack
🇺🇸 PulseServers	2024-11-09 03:28:47 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host
🇺🇸 PulseServers	2024-11-08 00:46:12 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host
🇺🇸 PulseServers	2024-11-04 05:02:44 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS2 ... show less	DDoS Attack Exploited Host

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.240.59.11

🇭🇰 185.227.153.56

🇺🇸 165.154.173.169

🇮🇳 122.187.219.78

🇹🇼 110.25.109.54

🇧🇬 91.148.190.150

🇸🇪 83.233.149.204

🇺🇸 65.49.1.41

🇲🇾 49.124.142.130

🇪🇸 45.14.84.14

🇭🇰 43.161.246.189

🇨🇳 39.89.13.232

🇯🇵 20.190.166.133

🇩🇪 5.83.135.102

🇨🇳 202.111.35.234

🇭🇰 103.103.245.7

🇮🇷 89.42.209.10

🇳🇱 81.19.216.113

🇻🇳 45.117.179.232

🇩🇪 43.228.157.220