JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.24.23

65.111.24.23 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.24.23

Whois 65.111.24.23

IP Abuse Reports for 65.111.24.23:

This IP address has been reported a total of 28 times from 13 distinct sources. 65.111.24.23 was first reported on June 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-05 17:05:42 (2 days ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-01 13:08:03 (6 days ago)	Scanning/Probing (34)	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2026-05-10 22:40:38 (4 weeks ago)	ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/65.111.24.23 2026- ... show more ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/65.111.24.23 2026-05-10 17:46:54 /api/swagger.json 2026-05-10 17:46:51 /v2/api-docs 2026-05-10 17:46:52 /swagger/v1/swagger.json 2026-05-10 17:46:54 /v3/api-docs 2026-05-10 17:46:51 /prod-api/v2/api-docs 2026-05-10 17:46:53 /swagger/docs/v1 show less	Web App Attack
🇩🇪 Lino Project	2026-05-06 02:08:35 (1 month ago)	65.111.24.23 - - [06/May/2026:04:08:34 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https: ... show more 65.111.24.23 - - [06/May/2026:04:08:34 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https://www.primobio.it/mio-account/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-22 00:33:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 19:32:53.815460 2026] [security2:error] [pid 24524:tid 24524] [client 65.111.24.23:9507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10besthotels.com"] [uri "/.git/config"] [unique_id "aZpOtW2Mdp6SSjsy9SqRvAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 nzhost.co.nz	2026-02-19 13:01:23 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-18 02:20:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:20:44.864067 2026] [security2:error] [pid 30615:tid 30615] [client 65.111.24.23:54429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renardpoche.com"] [uri "/app/.env"] [unique_id "aZUh_JqpHeTRQ3mkOAOUSAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 nzhost.co.nz	2026-02-15 12:25:45 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 myagent.site	2026-02-15 12:13:57 (3 months ago)	Blocking for trying to access an exploit file: /dev/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-15 12:05:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:05:35.005531 2026] [security2:error] [pid 19790:tid 19846] [client 65.111.24.23:37531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerresource.com"] [uri "/app/.git/config"] [unique_id "aZG2j6ueBSr7dToNCHWTwwAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 12:05:19 (3 months ago)	Too many Status 40X (12) Scanning/Probing (16)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:30:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:30:20.493325 2026] [security2:error] [pid 16493:tid 16493] [client 65.111.24.23:23501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiralingmedia.com"] [uri "/admin/.env"] [unique_id "aZEvvJidn6LRvRH3ldnUrgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Paulus Leunufna	2026-02-15 00:52:31 (3 months ago)	Fail2Ban auto-ban: Security Violation detected. Jail: ghost-protocol, Attempts: 1. Server: LumaChat ... show more Fail2Ban auto-ban: Security Violation detected. Jail: ghost-protocol, Attempts: 1. Server: LumaChat (lumachat.xyz) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 00:50:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.24.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:49:58.246904 2026] [security2:error] [pid 29424:tid 29424] [client 65.111.24.23:56973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrbss.com"] [uri "/app/.env"] [unique_id "aZEYNu_GsavysbpZA8OB7AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 00:23:48 (3 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 81.30.98.49

🇩🇪 213.209.159.231

🇩🇪 167.94.145.30

🇺🇸 153.66.28.132

🇺🇸 136.107.129.133

🇰🇷 112.216.108.62

🇮🇩 103.154.231.122

🇨🇦 85.217.149.74

🇱🇹 45.227.254.170

🇯🇵 34.97.171.45

🇷🇴 2.57.121.112

🇮🇳 2a02:4780:11:2302:0:2c87:6a01:1

🇳🇱 192.42.116.102

🇩🇪 116.203.138.135

🇷🇺 95.108.213.237

🇫🇷 92.113.30.179

🇱🇹 81.30.98.158

🇸🇬 47.84.134.210

🇮🇳 47.15.222.205

🇫🇷 45.94.209.196