JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.30.151

65.111.30.151 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.30.151

Whois 65.111.30.151

IP Abuse Reports for 65.111.30.151:

This IP address has been reported a total of 15 times from 9 distinct sources. 65.111.30.151 was first reported on July 8th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:12:06 (2 weeks ago)		Bad Web Bot
🇮🇹 LTM	2026-05-11 06:20:01 (3 weeks ago)	DNS - Multiple recursive query request denied	DNS Poisoning Hacking
🇬🇧 PeravixGroup	2026-05-06 19:10:00 (4 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:10 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-28 16:51:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.151 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 11:51:15.774236 2025] [security2:error] [pid 6453:tid 6453] [client 65.111.30.151:44193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10bestrestaurants.com"] [uri "/wp-config.txt"] [unique_id "aSnTA275c8xad1DBxvW9uwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 07:04:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.151 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 02:04:21.855546 2025] [security2:error] [pid 27705:tid 27705] [client 65.111.30.151:59673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "954glass.com"] [uri "/wp-config.php.bak"] [unique_id "aSlJdXnmNNYh-50zTbhvRgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 16:22:55 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:01:25	Port Scan Brute-Force Exploited Host Web App Attack
🇫🇷 applemooz	2025-11-01 12:17:49 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-10-07 16:52:17 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.30.151 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.30.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 07 12:52:12.302477 2025] [security2:error] [pid 13098:tid 13098] [client 65.111.30.151:37749] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|donnysimonton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "donnysimonton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aOVFPOZPIuMjTpWs_ALwxQAAABA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-02-01 17:00:15 (1 year ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2024-10-18 09:44:23 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
Anonymous	2024-07-13 00:02:11 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-10 00:45:26 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-08 09:23:24 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 172.98.168.253

🇺🇸 71.6.199.87

🇺🇸 47.253.205.161

🇨🇳 203.56.198.45

🇧🇪 198.235.24.255

🇬🇧 193.176.29.27

🇬🇧 193.176.29.22

🇨🇳 182.42.93.139

🇩🇪 167.94.146.48

🇫🇮 147.185.133.192

🇫🇮 147.185.133.165

🇨🇳 117.146.110.78

🇷🇴 80.94.92.182

🇺🇸 47.42.131.93

🇳🇱 45.148.10.183

🇬🇧 35.203.210.75

🇬🇧 31.14.254.115

🇨🇳 27.153.157.138

🇩🇪 213.209.159.236

🇩🇪 213.209.159.231