JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.30.54

65.111.30.54 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.30.54

Whois 65.111.30.54

IP Abuse Reports for 65.111.30.54:

This IP address has been reported a total of 27 times from 8 distinct sources. 65.111.30.54 was first reported on June 27th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TRoden	2026-06-04 19:10:52 (1 day ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
🇺🇸 TPI-Abuse	2025-12-29 06:45:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:45:39.403605 2025] [security2:error] [pid 26130:tid 26130] [client 65.111.30.54:58959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "napaautopartskeokuk.com"] [uri "/.git/HEAD"] [unique_id "aVIjk2USLZ_3ZIOn9ptkfQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:44:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:44:31.977903 2025] [security2:error] [pid 12499:tid 12499] [client 65.111.30.54:23795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nerdwizards.toyz.net"] [uri "/.git/HEAD"] [unique_id "aSahz3RV2dHr3Nimn-rUswAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:26:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:26:44.949332 2025] [security2:error] [pid 30564:tid 30564] [client 65.111.30.54:42575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.e-ntourage.com"] [uri "/.git/HEAD"] [unique_id "aSaPlMRIfrENk6edkb812wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:00:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:00:42.427152 2025] [security2:error] [pid 16482:tid 16482] [client 65.111.30.54:40861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.fatcavemedia.com"] [uri "/.git/HEAD"] [unique_id "aSZDKnh8sx7LinZlp7DlgwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:54:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:50:29.617245 2025] [security2:error] [pid 134161:tid 134184] [client 65.111.30.54:27627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.planillas.net"] [uri "/.env"] [unique_id "aSQORRfbvyHppNR9RqJ3QgAAAII"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:42:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:42:03.380231 2025] [security2:error] [pid 24368:tid 24368] [client 65.111.30.54:29239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.sawmat.com"] [uri "/.git/HEAD"] [unique_id "aSP-O2oFAHm0fugwh_YWUgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:26:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:26:44.658360 2025] [security2:error] [pid 6925:tid 6925] [client 65.111.30.54:11781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.conversationtalentnetwork.com"] [uri "/.git/HEAD"] [unique_id "aSP6pCo5kc-VGxfhyA7iXQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 00:23:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 19:18:18.128845 2025] [security2:error] [pid 13367:tid 13367] [client 65.111.30.54:25581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.iliketoruntoo.com"] [uri "/.env"] [unique_id "aSOkSh5rqRkC2V-yFXSwyAAAADg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 20:58:26 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:21:09	Port Scan Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-10-25 03:27:25 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 23:27:20.573245 2025] [security2:error] [pid 29887:tid 29887] [client 65.111.30.54:17219] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|barriebrown.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barriebrown.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPxDmIDfTbGFotB1lTXMeAAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-25 02:20:11 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 22:20:07.302658 2025] [security2:error] [pid 3280:tid 3280] [client 65.111.30.54:48575] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jmgrigg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jmgrigg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPwz17_jSLDCN9PabfnoHgAAACc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-25 01:57:19 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇮 [email protected]	2025-10-25 01:54:44 (7 months ago)	Attack attempt against Interwebbi servers; (WPNINJA) Ninja Firewall attack on exlibrisband.com (User ... show more Attack attempt against Interwebbi servers; (WPNINJA) Ninja Firewall attack on exlibrisband.com (User enumeration scan (WP REST API)) 65.111.30.54 (FR/France/-): 1 in the last 3600 secs (CF_ENABLE); IP: 65.111.30.54; Ports: *; Direction: 0; Trigger: LF_CUSTOMTRIGGER; show less	Web App Attack
🇺🇸 TPI-Abuse	2025-10-25 01:24:45 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.30.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 21:24:40.313852 2025] [security2:error] [pid 14425:tid 14425] [client 65.111.30.54:53547] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pseudospace.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pseudospace.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPwm2BsJM3nJx3Da6MnQBgAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.91

🇺🇸 147.185.132.30

🇩🇪 141.11.107.166

🇺🇸 137.184.228.138

🇰🇷 1.245.74.10

🇧🇷 187.72.128.177

🇷🇴 185.53.196.238

🇨🇳 120.231.227.199

🇿🇦 102.254.13.18

🇷🇺 80.78.245.233

🇺🇸 74.125.186.89

🇬🇧 35.203.210.157

🇹🇼 198.235.24.22

🇷🇺 195.239.47.189

🇫🇮 147.185.133.254

🇱🇹 81.30.98.142

🇧🇷 45.205.1.36

🇩🇪 213.209.159.158

🇧🇪 198.235.24.165

🇺🇸 162.216.149.241