JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.205

65.111.12.205 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.205

Whois 65.111.12.205

IP Abuse Reports for 65.111.12.205:

This IP address has been reported a total of 34 times from 18 distinct sources. 65.111.12.205 was first reported on July 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-05-13 22:33:27 (1 month ago)		Brute-Force Web App Attack
Anonymous	2026-05-13 21:45:28 (1 month ago)	Fail2Ban triggered	Web App Attack
Anonymous	2026-04-22 15:14:10 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-04-12 06:33:47 (2 months ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2025-12-30 15:04:05 (5 months ago)	IP & Port Scan.	Port Scan Brute-Force SSH
🇺🇸 TPI-Abuse	2025-12-29 06:03:14 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:03:10.819313 2025] [security2:error] [pid 24006:tid 24006] [client 65.111.12.205:21971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hydrusdetergents.com"] [uri "/.svn/wc.db"] [unique_id "aVIZntYWM2qNXeTOhnKYyQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:27:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:27:23.179098 2025] [security2:error] [pid 22044:tid 22126] [client 65.111.12.205:30375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kd9uri.com"] [uri "/.svn/wc.db"] [unique_id "aVIDKw2dUHoRkDjmH6S7CgAAAZc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:44:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:44:34.124652 2025] [security2:error] [pid 27136:tid 27136] [client 65.111.12.205:27553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "17thstreetrealty.com"] [uri "/.svn/wc.db"] [unique_id "aVH5Ikop1c9VWI_bBtRxtAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-12-26 19:27:53 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 VHosting	2025-12-23 18:40:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇨🇭 backslash	2025-12-16 08:00:16 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 08:51:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:51:46.546997 2025] [security2:error] [pid 9606:tid 9655] [client 65.111.12.205:28471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomithai.plumeraproductions.com"] [uri "/.svn/wc.db"] [unique_id "aSa_oiFyBWeOsnO3zv5q3wAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:00:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:00:33.603730 2025] [security2:error] [pid 15280:tid 15280] [client 65.111.12.205:46127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.greensandbeans.us"] [uri "/.svn/wc.db"] [unique_id "aSalkf6NTorRMUTgqailBAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:27:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:27:39.014279 2025] [security2:error] [pid 1647141:tid 1647205] [client 65.111.12.205:25937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgementz.aafm.us"] [uri "/.svn/wc.db"] [unique_id "aSUUG9ffCdpZ5cNrCNduFwAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:17:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:17:12.905347 2025] [security2:error] [pid 3459969:tid 3459969] [client 65.111.12.205:41983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmersmutualcallaway.com"] [uri "/.svn/wc.db"] [unique_id "aSQGeL3FO5TAK9jawwx-2gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇹 188.251.150.76

🇷🇴 141.98.83.240

🇨🇳 120.236.49.131

🇨🇳 106.12.43.166

🇺🇸 104.21.83.228

🇳🇱 45.156.87.177

🇺🇸 34.182.14.151

🇲🇽 187.230.121.176

🇮🇳 182.95.106.138

🇫🇷 176.186.100.9

🇺🇸 172.236.228.202

🇸🇦 151.254.87.248

🇨🇳 120.211.194.108

🇺🇸 74.125.181.149

🇺🇸 73.88.234.73

🇺🇸 73.44.239.200

🇺🇸 64.252.75.92

🇸🇬 43.160.249.98

🇺🇸 34.125.34.174

🇰🇷 20.214.145.16