JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.23.75

65.111.23.75 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.23.75

Whois 65.111.23.75

IP Abuse Reports for 65.111.23.75:

This IP address has been reported a total of 64 times from 15 distinct sources. 65.111.23.75 was first reported on June 28th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-12 03:32:42 (3 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-13 08:19:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:19:15.855150 2026] [security2:error] [pid 1383:tid 1383] [client 65.111.23.75:45831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lacasadeterra.com"] [uri "/wp/.git/config"] [unique_id "aY7egwUoIEvzgXE1xUYL6gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:42:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:42:00.255484 2026] [security2:error] [pid 14848:tid 14848] [client 65.111.23.75:41713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kwijlen.com"] [uri "/config/.env"] [unique_id "aY7VyKHfKjuDYJxjBBidYAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:16:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:16:06.490748 2026] [security2:error] [pid 1290422:tid 1290422] [client 65.111.23.75:33681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinkycouple4u.com"] [uri "/frontend/.env"] [unique_id "aY6lhga2Vx1gEIbsy9KfTQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:07:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.23.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:06:55.015768 2026] [security2:error] [pid 12534:tid 12538] [client 65.111.23.75:48215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kd2lst.us"] [uri "/wp/.git/config"] [unique_id "aY6HPzxQLiSCEGPdqgheTwAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:59 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack
🇩🇪 fstap	2026-02-12 19:20:28 (3 months ago)	"GET /.git/config HTTP/2.0"	Bad Web Bot Web App Attack

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 45.156.129.92

🇮🇩 41.216.178.119

🇧🇪 35.205.176.164

🇺🇸 216.180.246.9

🇫🇷 173.249.15.130

🇺🇸 172.210.65.47

🇻🇳 160.250.133.162

🇫🇮 147.185.133.252

🇮🇳 103.251.143.14

🇩🇪 102.220.160.136

🇨🇳 81.68.179.56

🇺🇸 68.183.109.200

🇰🇷 59.21.37.60

🇳🇱 45.148.10.151

🇺🇸 40.124.175.233

🇨🇳 1.24.16.219

🇹🇼 220.132.63.164

🇦🇹 213.225.11.15

🇨🇳 101.249.60.200

🇩🇪 91.217.249.199