JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.212

65.111.12.212 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.212

Whois 65.111.12.212

IP Abuse Reports for 65.111.12.212:

This IP address has been reported a total of 41 times from 20 distinct sources. 65.111.12.212 was first reported on June 27th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 kranem	2026-02-25 06:00:53 (3 months ago)	Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/ ... show more Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: /login Timestamp: 2026-02-25T04:54:29Z User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 show less	Bad Web Bot
🇱🇻 garmtech.com	2026-02-13 04:22:42 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-02-04 05:18:34 (4 months ago)	2026-02-04 06:18:34 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇮🇹 VHosting	2025-12-22 22:54:45 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇱🇻 garmtech.com	2025-12-04 19:54:15 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-54.65.111.12.212.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-54.65.111.12.212.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:08:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:08:11.716682 2025] [security2:error] [pid 4439:tid 4439] [client 65.111.12.212:59173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mardensmith.com"] [uri "/.git/HEAD"] [unique_id "aS9xW86tjGPNxUgk_LmdHwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:15:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:15:12.287811 2025] [security2:error] [pid 29888:tid 29888] [client 65.111.12.212:45127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darkhorseyachting.com"] [uri "/.svn/wc.db"] [unique_id "aS86wM8BIYiTj1ku6AeL_AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:54:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:54:05.575000 2025] [security2:error] [pid 723:tid 723] [client 65.111.12.212:42157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "earlyeditionsbooks.com"] [uri "/.git/HEAD"] [unique_id "aS6bHaqnKAWdCCHG71iqfgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:31:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:31:45.247172 2025] [security2:error] [pid 25628:tid 25628] [client 65.111.12.212:29411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "generationedm.com"] [uri "/.env"] [unique_id "aS6H0X-O11V8uHglUyF_cQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:14:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:14:18.008607 2025] [security2:error] [pid 32336:tid 32336] [client 65.111.12.212:23191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulshorrock.com"] [uri "/.env"] [unique_id "aS51qif8thRD96GDycSpXQAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:58:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:58:05.055879 2025] [security2:error] [pid 30329:tid 30329] [client 65.111.12.212:60919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisagilinger.com"] [uri "/.env"] [unique_id "aS5x3UIWTh0iU4khDS7LhgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 03:55:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 22:55:47.687649 2025] [security2:error] [pid 18993:tid 18993] [client 65.111.12.212:11053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotpay.co"] [uri "/.env"] [unique_id "aS5jQz_2lRaupFnZEwbfkQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-11-20 15:51:01 (6 months ago)	Form spam	Web Spam
Anonymous	2025-11-02 22:19:32 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:33:48	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.167.75.95

🇨🇳 223.93.164.218

🇺🇸 172.184.210.170

🇺🇸 134.122.21.135

🇬🇧 109.158.147.192

🇺🇸 76.240.112.214

🇺🇸 74.213.230.9

🇺🇸 66.132.224.29

🇨🇦 51.222.168.227

🇺🇸 45.148.125.145

🇳🇱 45.142.193.105

🇺🇸 35.212.168.171

🇦🇺 20.227.136.34

🇺🇸 2602:fb54:1a00::1ab

🇬🇧 217.146.80.111

🇺🇸 209.38.134.181

🇲🇽 189.169.114.248

🇭🇰 185.227.153.56

🇯🇵 140.83.86.196

🇧🇬 78.128.114.102