JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.0.18

65.111.0.18 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.0.18

Whois 65.111.0.18

IP Abuse Reports for 65.111.0.18:

This IP address has been reported a total of 34 times from 14 distinct sources. 65.111.0.18 was first reported on July 9th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-18 03:49:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:49:31.347981 2026] [security2:error] [pid 16090:tid 16090] [client 65.111.0.18:24723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertprowse.net"] [uri "/backend/.env"] [unique_id "aZU2y6LfU0Z69bdyUN6FMQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 02:24:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:23:54.396083 2026] [security2:error] [pid 27327:tid 27327] [client 65.111.0.18:10845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reneehill.net"] [uri "/v2/.git/config"] [unique_id "aZUiusCoY1Y5tcfrEIGwegAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 02:04:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:04:22.814160 2026] [security2:error] [pid 19285:tid 19285] [client 65.111.0.18:36517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-gibraltar.com"] [uri "/.env"] [unique_id "aZUeJiH746_TIB70nPwcTQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:55:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:55:00.652371 2026] [security2:error] [pid 2935696:tid 2935696] [client 65.111.0.18:35883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paxbrewing.com"] [uri "/.git/config"] [unique_id "aZUN5EjIXSP1kwyELdK5XwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:00:32 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:00:27.396235 2026] [security2:error] [pid 2506:tid 2506] [client 65.111.0.18:53205] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cemesur-vision21.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aY35Gz09tYY9JgGQ_3mgqQAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:55 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇮 Shaik Sai Meera	2025-11-25 17:30:08 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 03:04:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:04:10.435509 2025] [security2:error] [pid 15589:tid 15606] [client 65.111.0.18:21257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.inkandthreadllc.com"] [uri "/.git/HEAD"] [unique_id "aSUcqiIjVFKa_KFJ49hyywAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:47:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:47:38.175471 2025] [security2:error] [pid 4369:tid 4369] [client 65.111.0.18:36991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.shofarmusic.com"] [uri "/.git/HEAD"] [unique_id "aSUYyhACUdTXFLUefjBPWAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:08:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:08:08.610752 2025] [security2:error] [pid 28483:tid 28483] [client 65.111.0.18:44829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gnquivers.com"] [uri "/.git/HEAD"] [unique_id "aSUPiFvhu7KNncQP3v6UzQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:20:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:20:27.035021 2025] [security2:error] [pid 2705:tid 2705] [client 65.111.0.18:22637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.janefox.co.uk"] [uri "/.env"] [unique_id "aST2S1MPDOqUVS9ayFi1PQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-11-17 07:12:36 (6 months ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2025-11-08 21:08:35 (6 months ago)	(From [email protected]) SOFTWARE: New AI Cloud-Tool Quietly Turns Simple Ideas Into Passive Royal ... show more (From [email protected]) SOFTWARE: New AI Cloud-Tool Quietly Turns Simple Ideas Into Passive Royalties.... ...No tech. No product. No audience. Just this one AI tool. https://www.novaai.expert/OhanashiGenAI to UNSUBSCRIBE: https://www.novaai.expert/unsubscribe?domain=georgiachiropractic.com Address: 209 West Street Comstock Park, MI 49321 show less	Phishing Web Spam
Anonymous	2025-11-02 20:51:11 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:37:11	Port Scan Brute-Force Exploited Host Web App Attack
🇺🇸 nowyouknow	2025-10-26 05:01:43 (7 months ago)	(From [email protected]) Working hard every day but still barely moving forward? It’s time to ... show more (From [email protected]) Working hard every day but still barely moving forward? It’s time to stop the endless grind. Discover how people are earning real money from trading — no office, no boss, no limits. One simple app could be your ticket to financial freedom: https://youtu.be/VmHYisHHOtU to UNSUBSCRIBE: https://casatemporada.site/unsubscribe?domain=cormier-chiropractic.com Address: 108 West Street Comstock Park, MI 48721 show less	Phishing Web Spam

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 185.91.127.85

🇺🇸 109.105.209.3

🇩🇪 109.71.252.88

🇷🇺 95.106.203.152

🇨🇦 38.49.217.60

🇺🇸 35.224.117.235

🇺🇸 216.180.246.82

🇬🇧 193.176.29.21

🇳🇱 192.42.116.58

🇳🇱 185.242.226.104

🇺🇸 181.214.48.205

🇺🇸 165.227.209.27

🇺🇸 161.0.2.87

🇺🇸 109.105.209.5

🇺🇸 109.105.209.2

🇫🇷 91.231.89.162

🇺🇸 65.49.1.133

🇬🇧 35.203.211.165

🇬🇧 35.203.211.27

🇬🇧 35.203.210.168