JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.11.73

65.111.11.73 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.11.73

Whois 65.111.11.73

IP Abuse Reports for 65.111.11.73:

This IP address has been reported a total of 32 times from 17 distinct sources. 65.111.11.73 was first reported on July 3rd 2024, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 fbarela	2026-06-17 22:00:27 (6 hours ago)	FortiGate SSL VPN login failures.	Brute-Force Hacking
🇬🇧 spamverify.com	2026-06-16 08:39:46 (1 day ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 gu-alvareza	2026-05-03 07:05:20 (1 month ago)	WordPress.xmlrpc.Pingback.DoS	DDoS Attack
🇩🇪 LRob.fr	2026-02-14 16:51:12 (4 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 20:11:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 15:11:50.828442 2026] [security2:error] [pid 28106:tid 28106] [client 65.111.11.73:56727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexthepunk.com"] [uri "/.git/HEAD"] [unique_id "aXEzBsdLJIq_eKyNPLNrcwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 15:29:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 10:29:25.384205 2026] [security2:error] [pid 9722:tid 9722] [client 65.111.11.73:11107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tecnoconce.com"] [uri "/.env"] [unique_id "aXDw1ZYXKUKUGzFybrzGMAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-15 07:43:02 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-04 01:59:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 20:59:54.577273 2025] [security2:error] [pid 27994:tid 27994] [client 65.111.11.73:43901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kozzmik.stream"] [uri "/.svn/wc.db"] [unique_id "aTDrGtiCnJJU4MMw-T-jjwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 06:40:01 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:59:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:59:48.522696 2025] [security2:error] [pid 23156:tid 23156] [client 65.111.11.73:23051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bienvenueplantation.cathrynn.com"] [uri "/.svn/wc.db"] [unique_id "aSP0VHLERaGq0F71qlXFjAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:36:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:36:15.851716 2025] [security2:error] [pid 3965259:tid 3965326] [client 65.111.11.73:57783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asipm.aafm.us"] [uri "/.svn/wc.db"] [unique_id "aSPuz8HsvdKIeQe-cM9CkQAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:20:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:20:27.034194 2025] [security2:error] [pid 23985:tid 23985] [client 65.111.11.73:59489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.happybookermusic.com"] [uri "/.env"] [unique_id "aSPrG8Iylb-LLyBY4RqSrQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:31:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:31:36.970619 2025] [security2:error] [pid 23487:tid 23487] [client 65.111.11.73:35295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.meierstavern.com"] [uri "/.env"] [unique_id "aSPRmF-xMSLeQy0-Vp5_hQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 weblite	2025-11-06 10:33:45 (7 months ago)	WP_XMLRPC_ABUSE WP_LOGIN_FAIL	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 23:42:21 (8 months ago)	GlobalProtect login attempts with user bus.	VPN IP Brute-Force

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.77.166.143

🇳🇮 200.30.177.90

🇵🇱 194.180.49.104

🇳🇱 185.107.80.93

🇺🇸 172.236.228.245

🇺🇸 135.237.125.182

🇩🇪 95.85.230.238

🇺🇸 66.228.53.204

🇺🇸 66.132.172.37

🇻🇳 27.79.44.149

🇺🇸 20.64.105.149

🇩🇿 193.194.91.218

🇵🇪 191.98.164.181

🇧🇷 179.107.50.202

🇨🇷 179.60.165.23

🇩🇪 172.217.33.215

🇳🇱 86.54.31.40

🇧🇬 79.124.62.230

🇩🇪 69.5.169.157

🇺🇸 65.49.20.84