JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.30.71

65.111.30.71 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.30.71

Whois 65.111.30.71

IP Abuse Reports for 65.111.30.71:

This IP address has been reported a total of 14 times from 9 distinct sources. 65.111.30.71 was first reported on June 27th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-05-30 04:15:03 (6 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇨🇭 backslash	2026-05-23 05:12:08 (1 week ago)		Bad Web Bot
🇬🇧 PeravixGroup	2026-05-09 09:35:42 (3 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇧🇪 madeit	2025-11-30 04:30:12 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 19:49:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.71 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 14:49:42.429023 2025] [security2:error] [pid 26723:tid 26723] [client 65.111.30.71:32927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aandsmetal.com"] [uri "/.env.local"] [unique_id "aSn81nl6b2Rl0Sg5Ahgh8wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 05:11:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.30.71 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.30.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 00:11:43.202971 2025] [security2:error] [pid 14800:tid 14800] [client 65.111.30.71:37457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alsdepot.com"] [uri "/wp-config.txt"] [unique_id "aSkvD9QsB6INXO3xFKEJ6AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-15 06:36:33 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 65.111.30.71 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.30.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 15 01:36:27.024625 2024] [security2:error] [pid 9259:tid 9259] [client 65.111.30.71:5311] [client 65.111.30.71] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|siczewicz.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "siczewicz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z15460NSCxWWXhc17mYpTgAAAAg"], referer: https://siczewicz.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2024-12-03 09:49:03 (1 year ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇨🇿 lp	2024-10-03 17:25:01 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.30.71 2024-10-03T14:27:37+02:0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 65.111.30.71 2024-10-03T14:27:37+02:00 vpn Access-Reject 'pilo00' station: 65.111.30.71 auth-type: PAP realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
Anonymous	2024-07-09 07:16:28 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-08 00:29:53 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-03 04:54:51 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-06-27 00:03:05 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.244

🇮🇳 223.184.234.173

🇮🇶 212.237.122.232

🇵🇰 203.81.236.11

🇺🇿 188.113.251.38

🇨🇳 182.37.91.129

🇷🇺 176.125.125.115

🇰🇿 176.64.12.133

🇧🇩 161.248.118.29

🇨🇳 117.183.192.159

🇻🇳 113.183.83.139

🇨🇳 112.97.192.67

🇭🇰 103.229.125.106

🇨🇦 85.217.149.1

🇰🇿 67.209.128.44

🇺🇸 64.62.156.129

🇺🇸 64.62.156.127

🇺🇸 43.162.99.8

🇰🇿 37.150.142.38

🇺🇸 8.228.16.58