JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.31.21

65.111.31.21 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.31.21

Whois 65.111.31.21

IP Abuse Reports for 65.111.31.21:

This IP address has been reported a total of 43 times from 21 distinct sources. 65.111.31.21 was first reported on July 19th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-03-29 13:41:20 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.31.21 (FR/France/-): 1 in the last 3600 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.31.21 (FR/France/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇦🇺 oncord	2026-03-25 06:55:11 (2 months ago)	Form spam	Web Spam
🇫🇷 LRob.fr	2026-02-13 08:15:05 (4 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 mnsf	2026-02-13 08:06:04 (4 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:28:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:28:33.089608 2026] [security2:error] [pid 25451:tid 25451] [client 65.111.31.21:61115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kraftre.com"] [uri "/frontend/.env"] [unique_id "aY7EkbHBqoSRiB-1CKr9kwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 06:00:29 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.31.21 (FR/France/-): 1 in th ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.31.21 (FR/France/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:25:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:25:42.409891 2026] [security2:error] [pid 13628:tid 13628] [client 65.111.31.21:20213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knoxvillelimos.com"] [uri "/api/.env"] [unique_id "aY611r1nLrHeVM8AQBSZnQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 05:01:47 (4 months ago)	Try to access /frontend/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:41:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:41:21.271712 2026] [security2:error] [pid 28669:tid 28674] [client 65.111.31.21:52677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiehnefamily.us"] [uri "/site/.git/config"] [unique_id "aY6dYQuLlZn08yv_kWc-GgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 02:28:38 (4 months ago)	Blocking for trying to access an exploit file: /.env.save	Hacking
🇺🇸 TPI-Abuse	2026-02-13 02:22:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:22:04.489729 2026] [security2:error] [pid 1148814:tid 1148814] [client 65.111.31.21:14559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithgill.com"] [uri "/app/.git/config"] [unique_id "aY6KzCOCpywA9jSy8l054gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 01:13:42 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇬🇧 Axel	2026-02-13 01:04:05 (4 months ago)	Blocked by Fail2Ban. Flagged by jail plesk-modsecurity	Exploited Host
🇺🇸 TPI-Abuse	2026-02-12 19:48:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:48:05.268794 2026] [security2:error] [pid 31498:tid 31498] [client 65.111.31.21:47875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "braleygroup.com"] [uri "/.env"] [unique_id "aY4udXT1w3JY1Et9nl7iiQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 18:06:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:06:11.508382 2026] [security2:error] [pid 1179541:tid 1179562] [client 65.111.31.21:20661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "echrony.com"] [uri "/.git/config"] [unique_id "aY4WkwvMeIDAwpaY0fuUxgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 124.67.120.106

🇰🇷 112.216.129.27

🇷🇴 80.94.92.182

🇺🇸 35.222.161.219

🇺🇸 8.228.11.18

🇮🇳 2409:40d0:2036:c89:c027:8721:ae2e:90c1

🇫🇷 194.113.235.89

🇳🇱 176.65.139.42

🇧🇷 172.69.39.60

🇺🇸 162.216.150.83

🇦🇺 134.199.175.178

🇷🇺 95.24.146.116

🇺🇸 66.132.172.227

🇳🇱 45.148.10.147

🇮🇳 34.14.214.227

🇺🇸 192.92.97.181

🇺🇸 152.32.182.165

🇺🇸 142.111.245.46

🇨🇦 134.122.45.68

🇨🇳 120.233.73.156