JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.119

65.111.12.119 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.119

Whois 65.111.12.119

IP Abuse Reports for 65.111.12.119:

This IP address has been reported a total of 31 times from 18 distinct sources. 65.111.12.119 was first reported on July 12th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-20 04:08:06 (2 weeks ago)	Attack Signature Blocked: /wishlist/index/add/product/1412/form_key/vComY4jAag5L4QYE/ (Magento Site) ... show more Attack Signature Blocked: /wishlist/index/add/product/1412/form_key/vComY4jAag5L4QYE/ (Magento Site) (Botnet activity attributed to: Angara Technologies Group / mikhail-smirnov-79830322) show less	Web App Attack Bad Web Bot
🇪🇸 librebit	2026-05-17 03:37:06 (3 weeks ago)	Brute force	Brute-Force
🇺🇸 nowyouknow	2026-04-17 22:36:27 (1 month ago)	(From [email protected]) Hi Pittsburg Chiropractic Center, I’ve built and trained an AI ... show more (From [email protected]) Hi Pittsburg Chiropractic Center, I’ve built and trained an AI employee specifically for Pittsburg Chiropractic Center. It’s already been trained on 6+ hours worth of your publicly available data — your website, Google Business Profile, and more. It knows how to answer customer questions, capture leads, and even follow up — just like a team member would. This isn’t a sales call. It’s a 20-minute demo where you can actually interact with the AI employee and see what it can do. Would today or tomorrow work for a quick walkthrough? Schedule a time on my calendar to meet the agent I trained for you and see what she can do here: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
Anonymous	2026-03-22 19:17:54 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (5 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force
🇮🇹 VHosting	2025-12-24 03:46:01 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-14 00:55:42 (5 months ago)	botnet	DDoS Attack
🇳🇱 ipoac.nl	2025-12-04 15:55:15 (6 months ago)	-:443 65.111.12.119 - - [04/Dec/2025:16:55:14 +0100] - "GET /wp-login.php?action=register HTTP/1.1" ... show more -:443 65.111.12.119 - - [04/Dec/2025:16:55:14 +0100] - "GET /wp-login.php?action=register HTTP/1.1" 403 4061 "https://-/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 06:19:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:19:41.579732 2025] [security2:error] [pid 17320:tid 17320] [client 65.111.12.119:41105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.forwardfusion.co"] [uri "/.svn/wc.db"] [unique_id "aSVKfYxuMMh7VFdPy_fb7wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:08:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:08:23.812095 2025] [security2:error] [pid 28913:tid 28913] [client 65.111.12.119:52009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.arellasoc.com"] [uri "/.env"] [unique_id "aSU5xyiSo71NLBpYA10DeQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:20:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:20:15.393053 2025] [security2:error] [pid 22969:tid 22969] [client 65.111.12.119:10515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.inverzona.com"] [uri "/.svn/wc.db"] [unique_id "aSUuf9Fl9QbOPLMZc_9pXAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:03:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:03:08.057601 2025] [security2:error] [pid 24989:tid 24989] [client 65.111.12.119:10049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.blythewoodanimalhospital.com"] [uri "/.env"] [unique_id "aSUqfIJtPlZ-omqmhQ4phQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 02:05:03 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:02:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:02:51.990629 2025] [security2:error] [pid 30523:tid 30523] [client 65.111.12.119:23863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.1cdn.com"] [uri "/.env"] [unique_id "aSUOS7Znf5n9FJTBNm5GMAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:58:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:58:10.787553 2025] [security2:error] [pid 1647141:tid 1647224] [client 65.111.12.119:31511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.aafm.org"] [uri "/.git/HEAD"] [unique_id "aST_ItffCdpZ5cNrCNdFyAAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 217.24.185.98

🇫🇮 193.138.7.168

🇸🇬 172.217.47.19

🇺🇸 159.26.100.113

🇮🇳 117.254.38.48

🇧🇩 103.213.238.91

🇫🇷 94.183.188.94

🇺🇸 72.216.72.59

🇹🇼 1.162.251.28

🇯🇵 220.156.49.27

🇺🇸 72.196.240.51

🇳🇱 45.148.10.152

🇮🇪 44.155.26.71

🇨🇳 14.153.37.214

🇲🇽 189.173.42.116

🇺🇸 184.105.139.68

🇨🇳 180.184.139.111

🇮🇳 171.61.17.222

🇹🇭 147.50.227.79

🇨🇳 123.188.81.5