JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.159

65.111.12.159 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.159

Whois 65.111.12.159

IP Abuse Reports for 65.111.12.159:

This IP address has been reported a total of 37 times from 20 distinct sources. 65.111.12.159 was first reported on June 27th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-25 10:29:29 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 12:06:15 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-25 13:24:56 (4 months ago)	Forum/form spam	Web Spam
🇫🇷 tilellit.pro	2026-01-23 06:55:47 (4 months ago)	Fail2Ban banned 65.111.12.159 for security violations in jail wp-armour. Log: 2026/01/23 06:55:46 [e ... show more Fail2Ban banned 65.111.12.159 for security violations in jail wp-armour. Log: 2026/01/23 06:55:46 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 65.111.12.159 \| Target: wplogin" , client: 65.111.12.159, server: [REDACTED], request: "POST /wp-login.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇦🇺 MAGIC	2025-12-07 00:04:38 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇭 backslash	2025-12-06 21:50:02 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 03:51:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:51:04.389012 2025] [security2:error] [pid 751658:tid 751658] [client 65.111.12.159:16817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.aholsniffsglue.com"] [uri "/.svn/wc.db"] [unique_id "aSUnqA008X_ARTj_g-I7WgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:07:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:07:04.717047 2025] [security2:error] [pid 20626:tid 20626] [client 65.111.12.159:18359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sendera.imerka.com.mx"] [uri "/.git/HEAD"] [unique_id "aSUPSMhqck0Kt4aGee89IwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:20:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:20:01.048399 2025] [security2:error] [pid 14486:tid 14486] [client 65.111.12.159:43375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ageiron.com"] [uri "/.env"] [unique_id "aSUEQRXFEO1ojoZGI_bligAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 MM-bot	2025-11-25 01:17:26 (6 months ago)	URL-probe: HTTP/1.1 GET request on /.git/HEAD (2025-11-25 02:17:26 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:33:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:23:36.498306 2025] [security2:error] [pid 32260:tid 32260] [client 65.111.12.159:37567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.questionnairehints.com"] [uri "/.env"] [unique_id "aST3COkuDQqmkNI-cuDIRgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:15:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:15:05.371657 2025] [security2:error] [pid 27799:tid 27799] [client 65.111.12.159:44905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bigholegolf.com"] [uri "/.svn/wc.db"] [unique_id "aST1CRSqJltQ7oDe1BM5DAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-21 19:26:24 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.21 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 08:46:19 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 oncord	2025-11-07 07:51:34 (7 months ago)	Form spam	Web Spam

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.171

🇹🇿 102.214.44.117

🇲🇽 46.250.171.15

🇨🇳 218.25.89.208

🇩🇪 194.88.98.116

🇮🇩 103.110.34.131

🇩🇪 87.106.2.140

🇧🇪 35.205.15.227

🇬🇧 35.203.210.26

🇷🇺 5.3.146.57

🇳🇱 178.62.254.89

🇺🇸 136.117.203.151

🇷🇺 109.195.29.57

🇳🇱 92.64.230.254

🇺🇸 66.55.64.204

🇲🇾 49.124.151.63

🇩🇪 217.154.1.156

🇷🇼 197.243.14.52

🇺🇸 195.184.76.204

🇩🇪 151.243.11.248