JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.135

65.111.12.135 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.135

Whois 65.111.12.135

IP Abuse Reports for 65.111.12.135:

This IP address has been reported a total of 30 times from 16 distinct sources. 65.111.12.135 was first reported on June 27th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-30 14:33:08 (2 weeks ago)	2.741 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-02 21:54:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 16:53:46.108962 2026] [security2:error] [pid 30317:tid 30317] [client 65.111.12.135:60211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.modeltdr.com"] [uri "/.svn/wc.db"] [unique_id "aaYG6jRpEzlvONFJCs6NcgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-01 07:01:28 (3 months ago)	"GET /.svn/wc.db HTTP/1.1"	Hacking Web App Attack
🇺🇸 LARL-Stompro-2024	2026-01-23 00:32:48 (4 months ago)	Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1	Bad Web Bot
🇪🇸 10dencehispahard SL	2026-01-13 06:57:10 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-11 07:58:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 11 02:58:13.365492 2026] [security2:error] [pid 9088:tid 9088] [client 65.111.12.135:59221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "santafe.jbaydeliveries.com"] [uri "/.git/config"] [unique_id "aWNYFQhHkdU-gEIf9qOY1AAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 08:15:11 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 03:15:05.592330 2025] [security2:error] [pid 24842:tid 24842] [client 65.111.12.135:54415] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aTksCRIFPdU7A_68iWH2pgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-04 03:21:08 (6 months ago)	2025-12-04T05:21:08.227428+02:00 zanati wp(www.sahpa.co.za)[382896]: Blocked authentication attempt ... show more 2025-12-04T05:21:08.227428+02:00 zanati wp(www.sahpa.co.za)[382896]: Blocked authentication attempt for [email protected] from 65.111.12.135 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:16:19 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:16:08.488817 2025] [security2:error] [pid 24020:tid 24020] [client 65.111.12.135:31323] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcoinpornhub.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinpornhub.com"] [uri "/.svn/wc.db"] [unique_id "aSQiWMH59vg1IQBgh8r58gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:51:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:33.907364 2025] [security2:error] [pid 4683:tid 4683] [client 65.111.12.135:33119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.solas3.com"] [uri "/.env"] [unique_id "aSQOhWvx1o6s_Zu_dh91NAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:43:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:43:39.142697 2025] [security2:error] [pid 11598:tid 11598] [client 65.111.12.135:52607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.marshvineyards.com"] [uri "/.svn/wc.db"] [unique_id "aSP-m7IiClPYtdnLLakgiQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:28:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:28:20.005322 2025] [security2:error] [pid 3721:tid 3721] [client 65.111.12.135:14267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "w360.elpais.mx"] [uri "/.git/HEAD"] [unique_id "aSPs9Gwffnc0IMZDCu2cGAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:47:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:47:47.121791 2025] [security2:error] [pid 3965261:tid 3965311] [client 65.111.12.135:59481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.accreditedfinancialanalyst.org"] [uri "/.env"] [unique_id "aSPjcx7XGNzpCBYjvUvnjgAAAk0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:02.965424 2025] [security2:error] [pid 5101:tid 5101] [client 65.111.12.135:22375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.interior-cosmetics.com"] [uri "/.svn/wc.db"] [unique_id "aSPfwqSx6gTZGMSHeLDO2gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-11-19 03:00:43 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.135.165

🇺🇸 162.216.149.13

🇺🇸 129.146.181.168

🇨🇳 120.48.175.69

🇷🇺 92.255.196.185

🇯🇵 52.196.139.25

🇬🇧 35.203.211.75

🇺🇸 192.178.115.217

🇷🇺 178.65.206.24

🇳🇱 91.92.42.120

🇸🇦 79.72.3.119

🇵🇰 72.255.3.40

🇨🇦 51.222.95.131

🇬🇧 35.203.210.188

🇩🇪 31.70.67.141

🇮🇳 202.88.209.51

🇭🇰 116.48.143.166

🇨🇳 49.64.85.138

🇹🇷 5.11.141.74

🇮🇷 2.185.228.25