JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.231

65.111.12.231 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.231

Whois 65.111.12.231

IP Abuse Reports for 65.111.12.231:

This IP address has been reported a total of 41 times from 20 distinct sources. 65.111.12.231 was first reported on July 3rd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-08 19:44:18 (1 month ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-03-30 06:07:22 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-24 08:08:05 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-03-14 23:51:09 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇬🇧 relianoid.com	2026-03-09 01:06:05 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2026-02-19 01:11:48 (3 months ago)	Forum/form spam	Web Spam
🇩🇪 Lino Project	2026-01-26 05:30:12 (4 months ago)	65.111.12.231 - - [26/Jan/2026:06:30:09 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1.1 ... show more 65.111.12.231 - - [26/Jan/2026:06:30:09 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1.1" 403 6767 "-" "curl/8.6.0" 65.111.12.231 - - [26/Jan/2026:06:30:10 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1.1" 403 6537 "https://www.primobio.it/wp-admin/admin.php?page=wc-orders" "curl/8.6.0" 65.111.12.231 - - [26/Jan/2026:06:30:11 +0100] "GET /wp-admin/admin.php?page=wc-reports&range=year HTTP/1.1" 403 6537 "-" "Wget/1.21.4" ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-13 07:10:11 (4 months ago)	Forum/form spam	Web Spam
🇮🇹 VHosting	2025-12-24 00:01:27 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-02 22:27:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:27:01.658876 2025] [security2:error] [pid 8892:tid 8892] [client 65.111.12.231:20031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kendylcelina.com"] [uri "/.env"] [unique_id "aS9ntTlooNEyYSJGfgoSFgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:35:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:35:06.024253 2025] [security2:error] [pid 18048:tid 18048] [client 65.111.12.231:50637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aoklandco.com"] [uri "/.git/HEAD"] [unique_id "aS9NeqzXX_JoOMV2Xqfl8wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:27:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:27:22.951242 2025] [security2:error] [pid 26600:tid 26600] [client 65.111.12.231:10499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "traditionalvaluesbooks.com"] [uri "/.env"] [unique_id "aS8heqBiN488ZHQZ59k4dQAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:31:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:31:07.861468 2025] [security2:error] [pid 15884:tid 15906] [client 65.111.12.231:36245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citydentalclinic.com"] [uri "/.git/HEAD"] [unique_id "aS8GO4QyZxProIl9msFY5QAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:54:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:54:32.049746 2025] [security2:error] [pid 31801:tid 31801] [client 65.111.12.231:51575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cosplayculture.com"] [uri "/.svn/wc.db"] [unique_id "aS7FaI-4Z3Pe0Nn8PjiVUQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 173.194.170.121

🇭🇰 165.154.60.76

🇨🇳 223.199.162.61

🇨🇳 220.202.112.18

🇮🇩 202.51.214.99

🇨🇳 180.95.238.174

🇮🇩 157.15.67.253

🇨🇳 139.170.73.183

🇳🇱 89.21.67.167

🇳🇱 45.198.224.138

🇻🇪 38.61.171.93

🇺🇸 20.169.106.201

🇮🇳 4.213.224.194

🇨🇭 179.43.163.234

🇺🇸 162.216.150.32

🇺🇸 162.144.121.110

🇭🇰 152.32.128.204

🇹🇼 104.199.176.250

🇳🇱 45.148.10.151

🇬🇧 31.77.156.62