JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.11.92

65.111.11.92 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.11.92

Whois 65.111.11.92

IP Abuse Reports for 65.111.11.92:

This IP address has been reported a total of 36 times from 19 distinct sources. 65.111.11.92 was first reported on July 9th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-01 00:29:46 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/65.111.11.92 2026-04-30 14: ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/65.111.11.92 2026-04-30 14:08:17 / 2026-04-30 14:24:32 / 2026-04-30 14:08:56 / 2026-04-30 14:30:55 / 2026-04-30 14:10:36 / show less	Web App Attack
🇮🇹 [email protected]	2026-04-17 22:30:38 (1 month ago)	[Sat Apr 18 00:30:37.911047 2026] [authz_core:error] [pid 560721:tid 560744] [remote 65.111.11.92:36 ... show more [Sat Apr 18 00:30:37.911047 2026] [authz_core:error] [pid 560721:tid 560744] [remote 65.111.11.92:36901] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
Anonymous	2026-02-15 13:05:54 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇳🇱 MM-bot	2026-02-15 12:34:47 (3 months ago)	URL-probe: HTTP/1.1 GET request on /app/.env (2026-02-15 13:34:47 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:01:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:01:27.268189 2026] [security2:error] [pid 1945:tid 1945] [client 65.111.11.92:47485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pamfilyataban.com"] [uri "/.env.local"] [unique_id "aZG1l9wXfzRwr9CXoHUmsQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 11:24:04 (3 months ago)	65.111.11.92 - - [15/Feb/2026:11:23:48 +0000] "GET /api/.env HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Win ... show more 65.111.11.92 - - [15/Feb/2026:11:23:48 +0000] "GET /api/.env HTTP/1.1" 302 491 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:55:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:55:42.939317 2026] [security2:error] [pid 973033:tid 973033] [client 65.111.11.92:53109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pscc.com"] [uri "/.env.save"] [unique_id "aZFt7mvw8c08IVYvoq1oFAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:31:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:31:14.848465 2026] [security2:error] [pid 8481:tid 8481] [client 65.111.11.92:39815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proplanarchitects.com"] [uri "/wp/.git/config"] [unique_id "aZFoMhqACLBEFUw0VLcIGgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 06:07:48 (3 months ago)	Too many Status 40X (13) Scanning/Probing (13)	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:53:31 (3 months ago)	Try to access /config/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:18:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:18:36.205515 2026] [security2:error] [pid 27944:tid 27944] [client 65.111.11.92:23385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "officechristmascards.com"] [uri "/admin/.env"] [unique_id "aZFXLPc6bQQ7L7WGcwyY0AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-15 05:18:21 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇩🇪 BlueWire Hosting	2026-02-15 05:08:45 (3 months ago)	Probing websites for vulnerabilities	SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:33:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:33:43.949627 2026] [security2:error] [pid 31766:tid 31766] [client 65.111.11.92:64033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prcs.biz"] [uri "/.env.staging"] [unique_id "aZFMpw6rXJbEGkbTTjhd8wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:08:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:08:47.107694 2026] [security2:error] [pid 184122:tid 184224] [client 65.111.11.92:42141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salvoni.com"] [uri "/site/.git/config"] [unique_id "aZFGzxZxbpqQBAmMeBF91AAAAg0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.202.118.11

🇳🇱 91.92.42.133

🇦🇺 27.124.111.122

🇺🇸 20.65.193.108

🇩🇪 13.140.141.126

🇷🇴 2.57.121.112

🇨🇳 2400:7fc0:82c0:800:5695:6ff1:41f4:d88c

🇧🇷 201.17.146.173

🇩🇪 167.94.145.31

🇳🇬 165.154.11.206

🇮🇳 122.187.229.168

🇺🇸 109.105.209.14

🇮🇹 93.92.73.242

🇷🇴 92.118.39.62

🇳🇱 45.148.10.157

🇦🇷 190.221.50.123

🇸🇾 185.216.134.126

🇺🇦 176.98.31.13

🇨🇳 171.104.143.176

🇰🇷 124.153.239.15