JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.30.47

65.111.30.47 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.30.47

Whois 65.111.30.47

IP Abuse Reports for 65.111.30.47:

This IP address has been reported a total of 25 times from 16 distinct sources. 65.111.30.47 was first reported on June 26th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:08:43 (5 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇲🇹 Malta	2026-05-20 03:46:16 (3 weeks ago)	65.111.30.47 - - [20/May/2026:05:46:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 65.111.30.47 - - [20/May/2026:05:46:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" show less	Hacking Web App Attack VPN IP
🇬🇧 PeravixGroup	2026-05-06 19:11:49 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 masterguru	2026-03-28 10:24:28 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.30.47 (FR/France/-): 1 in the last 3600 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.30.47 (FR/France/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇺🇸 TPI-Abuse	2025-11-26 00:43:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:43:05.360131 2025] [security2:error] [pid 10712:tid 10712] [client 65.111.30.47:12737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.arcdesign.me"] [uri "/.git/HEAD"] [unique_id "aSZNGb2RqqTnLph6FDCvigAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 flws	2025-11-25 05:52:11 (6 months ago)	Using APIs to sign up a huge number of fake users	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:39:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:39:28.613395 2025] [security2:error] [pid 21893:tid 21893] [client 65.111.30.47:58355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.timezonespro.com"] [uri "/.git/HEAD"] [unique_id "aSQn0EpdCybTCz_v9haQwwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:10:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:10:41.725703 2025] [security2:error] [pid 15650:tid 15650] [client 65.111.30.47:35237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.digitaltom.net"] [uri "/.svn/wc.db"] [unique_id "aSQTAR7oTsmjJYxP-6sQJgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:48:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:48:37.326989 2025] [security2:error] [pid 7376:tid 7376] [client 65.111.30.47:46385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ianmagarzo.com"] [uri "/.svn/wc.db"] [unique_id "aSP_xcH2v0rsm5Eon1_hVAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2025-11-01 12:18:33 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇩🇪 Marc	2025-10-29 18:06:43 (7 months ago)		Brute-Force Web App Attack
🇦🇺 AWW-Admin	2025-10-29 13:37:09 (7 months ago)	(wordpress) Failed wordpress login from 65.111.30.47 (FR/France/-)	Brute-Force
Anonymous	2025-10-08 10:57:45 (8 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-07 20:37:02 (8 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-03 15:11:35 (8 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.42

🇵🇰 175.107.233.182

🇧🇼 168.167.228.74

🇻🇳 152.32.250.188

🇺🇸 107.167.34.125

🇨🇳 58.18.80.18

🇵🇱 57.128.200.130

🇮🇩 43.157.240.204

🇦🇺 34.129.24.118

🇨🇳 14.103.118.136

🇺🇸 13.86.117.6

🇷🇺 5.101.64.7

🇳🇱 5.83.143.123

🇺🇸 2607:f8b0:4004:1002::123

🇺🇸 172.185.24.228

🇮🇳 143.110.181.31

🇩🇪 95.91.234.74

🇷🇺 81.30.212.94

🇺🇸 66.132.186.228

🇮🇪 54.247.39.1