JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.30.237

65.111.30.237 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.30.237

Whois 65.111.30.237

IP Abuse Reports for 65.111.30.237:

This IP address has been reported a total of 22 times from 7 distinct sources. 65.111.30.237 was first reported on June 26th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-20 05:45:35 (3 months ago)	Failed Wordpress login	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:48:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:48:36.130939 2025] [security2:error] [pid 2757901:tid 2757901] [client 65.111.30.237:13363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ipostsocialmedia.com"] [uri "/.git/HEAD"] [unique_id "aSbbBCLJymatyXOlZ8cX5AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:42:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:42:25.171291 2025] [security2:error] [pid 14975:tid 14975] [client 65.111.30.237:26243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.antoniocobo.net"] [uri "/.svn/wc.db"] [unique_id "aSa9cc3jkm5OUdbjueg0IwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:43:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:42:58.040511 2025] [security2:error] [pid 21896:tid 21896] [client 65.111.30.237:37687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jmarkcapital.com"] [uri "/.env"] [unique_id "aSZNEiXXswQ4dk1QbgNw3gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:07:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:07:03.482793 2025] [security2:error] [pid 21350:tid 21350] [client 65.111.30.237:38899] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.aufflammen.com"] [uri "/.git/HEAD"] [unique_id "aSZEp3wgKyPynf7Nhed0JgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:25:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:25:45.107043 2025] [security2:error] [pid 243844:tid 243889] [client 65.111.30.237:38421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jtjservices.com"] [uri "/.env"] [unique_id "aSQkmTXOrmUtG4L3PF5RygAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:39:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:39:44.436349 2025] [security2:error] [pid 32678:tid 32678] [client 65.111.30.237:42565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.shiner.org"] [uri "/.git/HEAD"] [unique_id "aSP9sGJty5eAhNfFWOdxVAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 00:28:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 19:28:45.302125 2025] [security2:error] [pid 8184:tid 8184] [client 65.111.30.237:11649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.solmedsolicitors.com"] [uri "/.svn/wc.db"] [unique_id "aSOmvRNCWsCcOo3xZlpn4wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 05:51:17 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 00:51:10.040685 2025] [security2:error] [pid 7109:tid 7109] [client 65.111.30.237:27225] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.n4ocw.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.n4ocw.com"] [uri "/s3cmd.ini"] [unique_id "aRVxzi9exx4uc2qlTl8nLQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 21:45:25 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 16:45:19.536806 2025] [security2:error] [pid 15847:tid 15900] [client 65.111.30.237:52969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.heworeblack.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRELb3ucS_q4a-Jf1o0qlwAAAZM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2025-10-18 12:31:47 (7 months ago)	MYH: Web Attack POST /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
🇫🇮 bittiguru.fi	2025-10-05 03:31:14 (8 months ago)	Brute Force	Brute-Force SSH
🇮🇹 Rosh	2025-09-29 03:39:10 (8 months ago)	[09/29/25 05:39:10] SSH: illegal login attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-08 08:38:06 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.30.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 04:38:00.047581 2025] [security2:error] [pid 1098313:tid 1098313] [client 65.111.30.237:27555] [client 65.111.30.237] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|myuscpa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "myuscpa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_TgaHo7LA8lHXcucORqcgAAAAI"], referer: https://myuscpa.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2024-11-25 10:35:19 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.30.237 2024-11-25T10:57:39+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.30.237 2024-11-25T10:57:39+01:00 vpn Access-Reject 'bnikp02' station: 65.111.30.237 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 200.68.173.159

🇰🇷 59.24.28.114

🇬🇧 35.203.211.107

🇬🇧 35.203.210.135

🇳🇱 5.255.104.83

🇺🇸 3.134.216.108

🇩🇪 185.242.3.173

🇩🇪 167.94.146.62

🇨🇳 139.170.72.5

🇮🇳 128.185.253.98

🇺🇸 66.132.186.194

🇺🇸 20.65.193.233

🇰🇷 14.206.12.13

🇨🇳 8.138.163.188

🇨🇳 218.106.33.54

🇧🇷 186.195.238.0

🇺🇸 184.105.247.244

🇳🇱 176.65.139.58

🇯🇵 168.138.46.207

🇯🇵 154.12.186.149