JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.11.180

65.111.11.180 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 42%: ?

42%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.11.180

Whois 65.111.11.180

IP Abuse Reports for 65.111.11.180:

This IP address has been reported a total of 49 times from 27 distinct sources. 65.111.11.180 was first reported on June 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-14 20:57:55 (2 days ago)	Web password guessing	Brute-Force
Anonymous	2026-06-11 20:25:33 (5 days ago)	Port Scan	Port Scan
🇬🇧 spamverify.com	2026-06-03 15:19:13 (1 week ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 Richard Stover	2026-05-31 22:04:38 (2 weeks ago)	User tried to login as "admin."	Web App Attack
🇫🇷 ELYAZ	2026-05-31 09:24:26 (2 weeks ago)	(y4) Failed scan -byebye- from 65.111.11.180 (US/United States/-): (CF_ENABLE)	Hacking
🇩🇪 big-cloud.nl	2026-05-29 03:32:06 (2 weeks ago)	Try to access /xmlrpc.php	Web App Attack
🇲🇽 octageeks.com	2026-05-24 04:09:40 (3 weeks ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 10:42:04 (3 weeks ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇦🇺 oncord	2026-05-05 20:14:50 (1 month ago)	Form spam	Web Spam
🇳🇱 homeshowdomain.nl	2026-02-13 22:59:06 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-13	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-13 08:49:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:49:01.311947 2026] [security2:error] [pid 23286:tid 23286] [client 65.111.11.180:43105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lakesidecountrycloggers.com"] [uri "/test/.git/config"] [unique_id "aY7lfejErR4_sfbRnB36VwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 08:07:28 (4 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:07:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:07:15.957184 2026] [security2:error] [pid 13547:tid 13547] [client 65.111.11.180:11737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koreasesame.com"] [uri "/.git/config"] [unique_id "aY6_k4NAAJy9dtAvyr-qzAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:37:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:37:32.091957 2026] [security2:error] [pid 27277:tid 27277] [client 65.111.11.180:50891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kofcasamblea442.org"] [uri "/api/.git/config"] [unique_id "aY64nNh_EZfTC6zYzJPZIAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:25:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:25:49.261661 2026] [security2:error] [pid 30385:tid 30385] [client 65.111.11.180:25679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandplumbing.ca"] [uri "/app/.git/config"] [unique_id "aY6nzT9Jl-HLzmIqlCURkwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.150

🇺🇸 193.33.237.163

🇮🇳 152.52.243.30

🇯🇵 152.32.201.217

🇮🇳 147.93.169.105

🇨🇳 124.95.22.94

🇨🇳 117.175.140.121

🇨🇳 116.228.195.251

🇬🇧 109.157.88.242

🇷🇺 109.75.206.59

🇭🇰 103.106.188.32

🇳🇱 91.92.40.66

🇺🇸 66.132.186.220

🇨🇳 58.247.139.54

🇺🇸 50.6.228.111

🇩🇪 213.209.159.11

🇹🇷 213.74.188.92

🇧🇾 194.158.197.86

🇳🇱 192.253.248.169

🇧🇷 179.124.247.206