JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.216

65.111.12.216 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.216

Whois 65.111.12.216

IP Abuse Reports for 65.111.12.216:

This IP address has been reported a total of 28 times from 12 distinct sources. 65.111.12.216 was first reported on August 17th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-01-23 18:40:04 (4 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2026-01-22 11:50:18 (4 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:12:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:12:27.433120 2025] [security2:error] [pid 6876:tid 6876] [client 65.111.12.216:10923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mezensen.com"] [uri "/.svn/wc.db"] [unique_id "aVH_q5t3H65XWO_Alio1uAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-08 17:51:11 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 05:40:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:40:27.397417 2025] [security2:error] [pid 14225:tid 14280] [client 65.111.12.216:59091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.velatorioslugo.soluciona.biz"] [uri "/.git/HEAD"] [unique_id "aSVBSwG4GY_wH_FiM6O4dgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:50:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:39.008172 2025] [security2:error] [pid 6205:tid 6205] [client 65.111.12.216:39591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.montebiancoltd.com"] [uri "/.svn/wc.db"] [unique_id "aSU1n1lgFDivXUGwapwYkAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:10:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:10:16.534979 2025] [security2:error] [pid 1647140:tid 1647199] [client 65.111.12.216:55935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.flapjacktoys.com"] [uri "/.env"] [unique_id "aSUeGMWdNO_bFaD03ZYyLAAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:10:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:10:25.029337 2025] [security2:error] [pid 7640:tid 7640] [client 65.111.12.216:29133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.islachavarri.chavarri.com"] [uri "/.svn/wc.db"] [unique_id "aSUQEbvylVYdwMcXQ22VCwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:28:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:28:46.516607 2025] [security2:error] [pid 19511:tid 19511] [client 65.111.12.216:17027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.flutetroupeofyakima.org"] [uri "/.git/HEAD"] [unique_id "aSUGTs4BY_s7CL1FIMODiwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:13:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:13:23.191876 2025] [security2:error] [pid 13766:tid 13766] [client 65.111.12.216:40179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mariannehansen.com"] [uri "/.svn/wc.db"] [unique_id "aSUCsxhKfSi1B5jvZ0WLZAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:39:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:39:35.839957 2025] [security2:error] [pid 17352:tid 17352] [client 65.111.12.216:55427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.volollc.com"] [uri "/.svn/wc.db"] [unique_id "aST6x02FAaQzh0xuRJvoUQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-18 09:39:52 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-18 09:34:13 (7 months ago)	GlobalProtect login attempts with user xuanlan.	VPN IP Brute-Force
Anonymous	2025-10-17 11:42:21 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇬🇧 Mendip_Defender	2025-10-09 22:07:32 (7 months ago)	65.111.12.216 - - [09/Oct/2025:23:07:24 +0100] "GET /wp-login.php?action=register HTTP/1.0" 404 4644 ... show more 65.111.12.216 - - [09/Oct/2025:23:07:24 +0100] "GET /wp-login.php?action=register HTTP/1.0" 404 46444 "https://4x4response.uk/?u=3907" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 65.111.12.216 - - [09/Oct/2025:23:07:25 +0100] "GET /wp-login.php?action=register HTTP/1.0" 404 46444 "https://4x4response.uk/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 65.111.12.216 - - [09/Oct/2025:23:07:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 146 "https://4x4response.uk/?u=3907" "PHP/5.2.93" ... show less	Hacking Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇬 197.211.59.181

🇨🇳 110.177.178.54

🇨🇳 106.75.33.247

🇩🇪 94.134.94.180

🇬🇧 31.14.254.119

🇺🇸 142.248.80.72

🇹🇼 140.121.146.176

🇺🇸 124.198.132.115

🇮🇳 122.166.49.42

🇪🇬 41.41.209.197

🇺🇸 216.25.89.104

🇺🇸 147.185.132.38

🇫🇮 144.31.99.198

🇹🇷 88.236.74.153

🇻🇳 58.186.20.143

🇻🇳 14.243.46.219

🇳🇱 51.158.205.203

🇳🇱 45.148.10.152

🇪🇸 37.14.63.15

🇮🇩 36.78.107.60