JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.161

65.111.12.161 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.161

Whois 65.111.12.161

IP Abuse Reports for 65.111.12.161:

This IP address has been reported a total of 34 times from 16 distinct sources. 65.111.12.161 was first reported on July 2nd 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-05-06 11:44:47 (4 weeks ago)	Port Scan detected from 65.111.12.161 (US/United States/-). 11 hits in the last 281 seconds (0-197 ... show more Port Scan detected from 65.111.12.161 (US/United States/-). 11 hits in the last 281 seconds (0-197) show less	Port Scan
🇫🇷 masterguru	2026-04-01 19:03:08 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.161 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.161 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇱🇻 garmtech.com	2026-03-13 00:04:12 (2 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇹 NotACaptcha	2026-02-26 01:31:58 (3 months ago)	webserver:80 [26/Feb/2026] "GET /.env HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x ... show more webserver:80 [26/Feb/2026] "GET /.env HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0" show less	Web App Attack
🇮🇹 VHosting	2025-12-24 07:55:20 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:23:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.161 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:23:27.451411 2025] [security2:error] [pid 10617:tid 10665] [client 65.111.12.161:55595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.honorac.com"] [uri "/.env"] [unique_id "aSVLX86TJsC6P66-MR5XuQAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-24 23:03:39 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-24	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 09:32:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.161 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:32:15.948404 2025] [security2:error] [pid 4431:tid 4431] [client 65.111.12.161:40731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.agapeaccountingllc.com"] [uri "/.git/HEAD"] [unique_id "aSQmH2Joh_2J4jnxob01UAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:17:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.161 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:17:14.579059 2025] [security2:error] [pid 22552:tid 22552] [client 65.111.12.161:56125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lakesideshelving.com"] [uri "/.git/HEAD"] [unique_id "aSQUitDKk0yoCjG8IJrhFwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:56:32 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇪🇸 10dencehispahard SL	2025-11-11 07:23:53 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-10-27 18:53:31 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.27 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.27 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-22 22:58:29 (7 months ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.10.22 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.10.22 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 07:26:20 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-17 01:34:45 (7 months ago)	GlobalProtect login attempts with user chriskam.	VPN IP Brute-Force

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.187.176.216

🇺🇸 74.82.47.42

🇳🇱 45.148.10.183

🇺🇸 2604:a880:400:d1:0:4:6c7e:9001

🇨🇦 212.104.215.79

🇬🇧 209.42.22.206

🇨🇦 198.44.157.147

🇮🇹 172.253.12.208

🇻🇳 125.212.221.88

🇵🇹 89.153.125.230

🇺🇸 65.49.1.31

🇺🇸 64.62.156.81

🇵🇰 58.27.240.122

🇵🇱 57.128.225.99

🇰🇷 14.47.3.221

🇷🇴 2.57.121.25

🇰🇷 1.250.67.114

🇩🇪 181.41.194.250

🇫🇷 176.191.43.176

🇻🇳 113.160.51.49