JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.30.120

65.111.30.120 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.30.120

Whois 65.111.30.120

IP Abuse Reports for 65.111.30.120:

This IP address has been reported a total of 16 times from 9 distinct sources. 65.111.30.120 was first reported on July 9th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-04-03 01:17:50 (2 months ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 homeshowdomain.nl	2026-01-02 22:59:05 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-02	Hacking Web App Attack SSH
Anonymous	2025-12-11 08:46:28 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇧🇪 madeit	2025-11-30 04:37:03 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:16:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:16:03.038469 2025] [security2:error] [pid 20634:tid 20634] [client 65.111.30.120:38737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.calsha.me"] [uri "/.git/HEAD"] [unique_id "aSbhc0rS2bfaeDbUwNgSEQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:28:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:28:32.639140 2025] [security2:error] [pid 16933:tid 16945] [client 65.111.30.120:52621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.alred.net"] [uri "/.svn/wc.db"] [unique_id "aSbWUG__nRv550N5ZrmV1gAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:01:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:01:51.946627 2025] [security2:error] [pid 26185:tid 26185] [client 65.111.30.120:19767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proyectos.gabosoftware.com"] [uri "/.git/HEAD"] [unique_id "aSaXzzLJWZfp7vJPuVuG_gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:09:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:09:16.623541 2025] [security2:error] [pid 1587:tid 1587] [client 65.111.30.120:51227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nmposters.vabq.com"] [uri "/.git/HEAD"] [unique_id "aSaLfCHZBrHbQB64xBSLVAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:09:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:08:56.460847 2025] [security2:error] [pid 18903:tid 18903] [client 65.111.30.120:35161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.prodigypartners.com"] [uri "/.git/HEAD"] [unique_id "aSZTKIgbrQsaaSN9u7QQkwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:50:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:50:42.619889 2025] [security2:error] [pid 5674:tid 5674] [client 65.111.30.120:38409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magento.fritsknuf.com"] [uri "/.env"] [unique_id "aSPkIqLxcIBsx8K-59wcTgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:09:44 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/14 09:06:49	Port Scan Brute-Force Exploited Host Web App Attack
🇮🇹 Rosh	2025-10-27 10:06:16 (7 months ago)	[10/27/25 11:06:16] SSH: authentication failure	Brute-Force SSH
🇳🇱 EGP Abuse Dept	2024-10-09 01:12:15 (1 year ago)	Unauthorized connection to RDP port 3389	Port Scan Hacking
Anonymous	2024-07-11 08:51:13 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 194.5.82.104

🇧🇷 186.194.88.180

🇫🇷 161.97.135.223

🇺🇸 70.175.141.116

🇺🇸 66.132.172.35

🇨🇳 58.47.107.119

🇻🇳 42.118.191.10

🇰🇷 1.234.27.159

🇺🇸 162.216.149.41

🇷🇴 86.124.34.93

🇲🇦 81.192.46.29

🇨🇦 51.161.65.133

🇳🇱 45.148.10.141

🇺🇸 209.85.160.195

🇭🇰 199.45.154.180

🇫🇮 178.20.210.152

🇺🇸 164.92.78.51

🇸🇬 152.42.221.98

🇮🇳 103.146.110.204

🇿🇦 102.129.52.89