JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.1.107

65.111.1.107 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 47%: ?

47%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.1.107

Whois 65.111.1.107

IP Abuse Reports for 65.111.1.107:

This IP address has been reported a total of 30 times from 20 distinct sources. 65.111.1.107 was first reported on June 28th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-14 17:30:25 (1 day ago)	(y4) Failed scan -byebye- from 65.111.1.107 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-14 12:18:38 (1 day ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 lostswordfish.com	2026-06-13 08:14:06 (3 days ago)	Wordfence waf block on parsol	Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 10:33:06 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇬🇷 setupgr	2026-06-12 07:18:52 (4 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.1.107: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.1.107: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 10:18:50.073834 2026] [security2:error] [pid 104034:tid 104107] [client 65.111.1.107:43763] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: gyrosplace.gr"] [severity "CRITICAL"] [tag "security"] [hostname "gyrosplace.gr"] [uri "/wp-login.php"] [unique_id "aiuy2labcBA3ZH61lLfw2gAAABA"], referer: https://gyrosplace.gr/wp-login.php show less	Port Scan
🇲🇽 octageeks.com	2026-06-12 04:23:52 (4 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 dtorrer	2026-06-11 22:22:11 (4 days ago)	Brute-force general attack.	Brute-Force
🇺🇸 koinkash.org	2026-06-10 20:10:13 (5 days ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇫🇷 ELYAZ	2026-06-10 15:58:23 (5 days ago)	(y4) Failed scan -byebye- from 65.111.1.107 (US/United States/-): (CF_ENABLE)	Hacking
🇦🇺 MAGIC	2025-12-20 02:03:02 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-12 00:32:58 (6 months ago)	wordpress-trap	Web App Attack
🇩🇪 conseilgouz	2025-11-29 14:30:23 (6 months ago)	lae-12 : Block return, carriage return, ... characters=>/component/weblinks/weblink/11-la-perle-des- ... show more lae-12 : Block return, carriage return, ... characters=>/component/weblinks/weblink/11-la-perle-des-crepes?Itemid=135&Itemid=%27&catid=19&task=w...(') show less	Hacking
🇺🇸 TPI-Abuse	2025-11-26 11:00:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:00:38.925108 2025] [security2:error] [pid 895:tid 895] [client 65.111.1.107:45257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cbrtestsite.com"] [uri "/.env"] [unique_id "aSbd1vZ_ABqr4CpjqrrnQAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:07:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:07:15.948414 2025] [security2:error] [pid 3697898:tid 3697911] [client 65.111.1.107:59227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eafm.org"] [uri "/.env"] [unique_id "aSanIxXsw-P_EAMOaarl5gAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:49:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:49:18.664834 2025] [security2:error] [pid 18620:tid 18620] [client 65.111.1.107:37883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.limegreenvinyl.com"] [uri "/.git/HEAD"] [unique_id "aSZ4vg3Xj9UvQZGqki-bIAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇷 186.177.88.78

🇮🇳 182.95.167.138

🇨🇳 124.226.212.169

🇨🇳 115.231.78.11

🇨🇳 111.26.62.39

🇨🇳 58.33.97.119

🇹🇷 31.145.131.202

🇹🇭 223.206.140.230

🇷🇴 193.46.255.93

🇧🇷 191.6.25.239

🇱🇹 188.69.225.188

🇻🇳 171.224.71.221

🇷🇴 141.98.83.240

🇮🇳 103.181.81.150

🇫🇷 91.196.152.216

🇩🇪 69.5.169.152

🇲🇾 49.124.153.42

🇺🇸 48.214.53.183

🇳🇱 45.153.34.112

🇮🇩 36.91.147.71