JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.173

65.111.12.173 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.173

Whois 65.111.12.173

IP Abuse Reports for 65.111.12.173:

This IP address has been reported a total of 35 times from 20 distinct sources. 65.111.12.173 was first reported on July 9th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 aglenday	2026-05-14 15:02:16 (1 month ago)	Honeypot hit: MSSQL traffic (on 1433) without login credentials	Port Scan
🇫🇷 masterguru	2026-04-03 10:17:07 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-04-02 06:37:30 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-03-30 06:07:08 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-03-26 13:06:49 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.173 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2026-03-24 08:07:27 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-03-09 00:30:11 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-10 19:35:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 14:35:36.374529 2026] [security2:error] [pid 2802:tid 2802] [client 65.111.12.173:37459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aperturecontrols.com"] [uri "/admin/.git/config"] [unique_id "aYuIiMv6U3RvUczcMG93LAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:26:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:26:42.491811 2026] [security2:error] [pid 7120:tid 7146] [client 65.111.12.173:33499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antidote-it.com"] [uri "/.git/config"] [unique_id "aYtOMhxQN2FSnUQKrnB3eAAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 FaB Property Group	2026-02-10 11:45:39 (4 months ago)	Requested file: images/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:17:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:17:30.073476 2026] [security2:error] [pid 2363:tid 2363] [client 65.111.12.173:54439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iamaka.org"] [uri "/.git/config"] [unique_id "aYqjSnbCHK6LW6uHb5-2DgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:00:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:59:57.416745 2026] [security2:error] [pid 18143:tid 18143] [client 65.111.12.173:22893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennythompson.com"] [uri "/api/.git/config"] [unique_id "aYp0_bZwPnM2T01K0UAHHQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 23:38:48 (4 months ago)	Blocking for trying to access an exploit file: /api/.git/config	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:36 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-30 03:20:31 (6 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.246.240.162

🇺🇸 69.73.187.130

🇷🇺 62.60.187.138

🇳🇱 51.15.59.186

🇳🇱 45.148.10.151

🇺🇸 20.163.34.54

🇨🇳 223.68.7.235

🇵🇱 194.180.48.34

🇷🇴 193.32.162.92

🇷🇴 80.94.92.187

🇱🇹 77.90.185.80

🇧🇷 45.184.47.88

🇳🇱 45.148.10.157

🇺🇸 20.163.34.41

🇺🇸 20.163.33.220

🇺🇸 216.25.89.77

🇳🇱 152.42.142.128

🇳🇱 77.91.71.11

🇺🇸 20.163.32.79

🇺🇸 20.163.32.78