JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.127

65.111.12.127 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.127

Whois 65.111.12.127

IP Abuse Reports for 65.111.12.127:

This IP address has been reported a total of 50 times from 20 distinct sources. 65.111.12.127 was first reported on August 19th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:06:59 (6 days ago)	Abuse Detected (2)	Brute-Force Web App Attack
Anonymous	2026-02-15 13:05:46 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:27:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:27:25.044656 2026] [security2:error] [pid 30210:tid 30210] [client 65.111.12.127:24655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sfpantry.com"] [uri "/api/.env"] [unique_id "aZG7rUYMYwqnnphnbCxWygAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:37:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:37:07.489343 2026] [security2:error] [pid 919:tid 919] [client 65.111.12.127:26425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paardekooper.info"] [uri "/app/.git/config"] [unique_id "aZGv4xBxkDhFt-QP7JEV4wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:17:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:17:24.305747 2026] [security2:error] [pid 26520:tid 26535] [client 65.111.12.127:11209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sellarsmail.com"] [uri "/admin/.env"] [unique_id "aZGrRHdTUu5CSgVEsnXL-AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:53:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:53:28.250955 2026] [security2:error] [pid 936:tid 936] [client 65.111.12.127:49869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seacor.us"] [uri "/.git/config"] [unique_id "aZFtaBmE2pP8XuE4vYUbRwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 06:22:34 (3 months ago)	Multiple WAF Violations	Web App Attack
🇧🇪 voormedia	2026-02-15 05:58:34 (3 months ago)	Accessed trap at '/.env'	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:58:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:58:20.047021 2026] [security2:error] [pid 18716:tid 18716] [client 65.111.12.127:27843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omnitractors.com"] [uri "/config/.env"] [unique_id "aZFgfM234OUqx_nSVeOUTwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:37:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:37:26.107979 2026] [security2:error] [pid 29929:tid 29929] [client 65.111.12.127:43231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sbxyz.net"] [uri "/.env.staging"] [unique_id "aZFblsR7kxULOJyKpmGBPgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 04:28:01 (3 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
🇺🇸 TPI-Abuse	2026-02-15 04:10:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:10:42.731962 2026] [security2:error] [pid 2457882:tid 2457882] [client 65.111.12.127:26327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powerlinemagazine.com"] [uri "/backup/.git/config"] [unique_id "aZFHQi1c3cYkYSpKVSp7XwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:10:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:10:10.913067 2026] [security2:error] [pid 4296:tid 4296] [client 65.111.12.127:36203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "poland-yacht-registration.com"] [uri "/api/.git/config"] [unique_id "aZE5Et3ecZJHqQSDpuzD7gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:17:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:17:20.900760 2026] [security2:error] [pid 16971:tid 16971] [client 65.111.12.127:33847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "platinumcapitalpartners.net"] [uri "/.env.staging"] [unique_id "aZEssCVmJ-_ex2I-GGxO0QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2026-02-15 01:58:59 (3 months ago)	C1: Web Attack GET /admin/.git/config	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 206.42.8.243

🇨🇳 106.115.115.7

🇳🇵 103.163.182.142

🇳🇱 85.11.167.232

🇮🇩 69.5.20.232

🇨🇳 61.151.249.194

🇯🇵 58.98.197.137

🇺🇸 47.251.5.136

🇳🇱 45.148.10.121

🇳🇱 45.142.193.10

🇫🇮 34.88.74.41

🇧🇪 104.155.29.73

🇺🇸 104.131.69.242

🇮🇳 103.108.5.219

🇧🇬 78.128.114.58

🇸🇦 66.118.148.238

🇨🇳 60.16.210.240

🇭🇰 45.192.97.6

🇻🇳 14.183.237.63

🇦🇷 186.122.177.140