JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.31.213

65.111.31.213 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.31.213

Whois 65.111.31.213

IP Abuse Reports for 65.111.31.213:

This IP address has been reported a total of 30 times from 15 distinct sources. 65.111.31.213 was first reported on July 9th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:07:16 (4 days ago)	Web App Attack	Web App Attack
🇩🇪 paissangroup	2026-04-18 09:49:43 (2 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-12-30 01:38:26 (5 months ago)	2025-12-30T03:38:26.306035+02:00 zanati wp(www.sahpa.co.za)[593708]: Blocked authentication attempt ... show more 2025-12-30T03:38:26.306035+02:00 zanati wp(www.sahpa.co.za)[593708]: Blocked authentication attempt for [email protected] from 65.111.31.213 ... show less	Web App Attack
🇺🇸 oncord	2025-12-26 18:50:17 (6 months ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2025-12-23 13:40:42 (6 months ago)	(From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to u ... show more (From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — affiliate links, this will be relevant. One issue I see constantly is that monetization is treated as something you “add later,” instead of something that’s designed into the site from the beginning. That usually leads to: random placement of links unclear visitor intent unpredictable income It works, but never consistently. I put together a short explanation of why this happens and what changes once monetization is structured properly: https://marketersmentor.com/recurring-income-system.php?refer=adelphiachiropracticcenter.net You’ll know quickly whether this applies to your situation. Jayrn PS: And one quick note so you’re not wondering why you’re hearing from me: I only reach out to website owners because they’re the ones actively building something online. I’m not blasting random emails. I’m simply sharing a resource that has been helping a lot of people create predict show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-26 08:50:53 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:50:48.983824 2025] [security2:error] [pid 8471:tid 8471] [client 65.111.31.213:17187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.barigby.com"] [uri "/.env"] [unique_id "aSa_aM7lfNd3G0Z-ltbsDgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:05:16 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:05:11.603662 2025] [security2:error] [pid 30992:tid 31072] [client 65.111.31.213:22451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.windowtailors.com"] [uri "/.git/HEAD"] [unique_id "aSVVJwiHdlTmqu0bsgsuqAAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:02:11 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:02:04.509404 2025] [security2:error] [pid 8188:tid 8188] [client 65.111.31.213:9977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.iktonline.org"] [uri "/.env"] [unique_id "aSVGXIRHabMFUM7I5rgesgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:44:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:44:20.929053 2025] [security2:error] [pid 32508:tid 32508] [client 65.111.31.213:25221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tigerpathteam.org"] [uri "/.svn/wc.db"] [unique_id "aSVCNDCldgdIsJ0KgG-zJgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:15:16 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:15:07.918143 2025] [security2:error] [pid 19911:tid 19911] [client 65.111.31.213:48709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.artocratic.com"] [uri "/.env"] [unique_id "aSU7WxjaEJT4nUUbnbmnMAAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:28:21 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:28:14.880511 2025] [security2:error] [pid 20775:tid 20775] [client 65.111.31.213:37839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.4115thewestford.com"] [uri "/.svn/wc.db"] [unique_id "aSUwXrGuLeVMY5Tyhbf1qwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:39:02 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:38:59.509115 2025] [security2:error] [pid 24131:tid 24131] [client 65.111.31.213:39989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gmacguffin.com"] [uri "/.git/HEAD"] [unique_id "aSUk09O4v6qgLsinVAjOpAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:55:18 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:55:06.232391 2025] [security2:error] [pid 1647076:tid 1647095] [client 65.111.31.213:32285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "certifiedpoliticalscientist.com.aafm.us"] [uri "/.git/HEAD"] [unique_id "aSUMeuH4DuV7HFq4iAkA9AAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:05:07 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:04:58.870349 2025] [security2:error] [pid 5529:tid 5529] [client 65.111.31.213:44785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dianamead.com"] [uri "/.env"] [unique_id "aSUAupuxg7bQqTBxlIk_OQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:49:38 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.31.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:49:32.715234 2025] [security2:error] [pid 12248:tid 12248] [client 65.111.31.213:60715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.jonvaltmusic.com"] [uri "/.svn/wc.db"] [unique_id "aSQqLE7Hrqx1n5JCmB2v7wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:c015:5dc3::1

🇺🇸 198.46.137.97

🇧🇷 187.111.158.228

🇸🇬 162.158.108.24

🇫🇮 147.185.133.193

🇸🇬 104.233.38.208

🇩🇪 92.208.104.210

🇸🇪 81.25.159.170

🇺🇸 64.62.156.142

🇮🇱 46.210.106.153

🇧🇷 45.205.1.80

🇳🇱 45.148.10.152

🇹🇼 198.235.24.67

🇺🇸 192.178.115.218

🇺🇸 162.216.149.25

🇫🇮 147.185.133.135

🇺🇸 91.230.168.115

🇩🇪 64.89.163.196

🇹🇿 41.59.200.166

🇨🇳 36.138.44.211