JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.40

65.111.12.40 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 42%: ?

42%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.40

Whois 65.111.12.40

IP Abuse Reports for 65.111.12.40:

This IP address has been reported a total of 30 times from 17 distinct sources. 65.111.12.40 was first reported on July 16th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-03 05:20:20 (1 day ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 65.111.12.40 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 65.111.12.40 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 oncord	2026-05-28 13:21:52 (1 week ago)	Form spam	Web Spam
🇨🇭 backslash	2026-05-27 05:06:00 (1 week ago)		Web Spam
Anonymous	2026-05-23 11:37:57 (1 week ago)	2026-05-23 13:37:56 ERROR util.AccessViolations - 65.111.12.40 report to fail2ban - action: block .. ... show more 2026-05-23 13:37:56 ERROR util.AccessViolations - 65.111.12.40 report to fail2ban - action: block ... show less	Hacking Brute-Force Bad Web Bot
🇺🇸 LotPhantom	2026-05-21 10:44:43 (2 weeks ago)	2026/05/21 10:44:43 [error] 2972647#2972647: 43817 connect() failed (111: Connection refused) while ... show more 2026/05/21 10:44:43 [error] 2972647#2972647: 43817 connect() failed (111: Connection refused) while connecting to upstream, client: 65.111.12.40, server: wynnesmiles.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:4001/", host: "wynnesmiles.com" ... show less	Web App Attack
Anonymous	2026-05-21 08:52:30 (2 weeks ago)	SOHODE WEBFORM SPAM 65.111.12.40 (65.111.12.40)	Web Spam
🇪🇸 librebit	2026-05-17 04:41:26 (2 weeks ago)	Brute force	Brute-Force
🇦🇺 oncord	2026-05-10 11:51:13 (3 weeks ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-01-13 10:33:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 05:33:03.693533 2026] [security2:error] [pid 28938:tid 29051] [client 65.111.12.40:34915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "particulierlb.com"] [uri "/.svn/wc.db"] [unique_id "aWYfX-HmMatqLqUjBQEu8AAAAkI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 19:50:07 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 07:48:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:48:44.586568 2025] [security2:error] [pid 12005:tid 12039] [client 65.111.12.40:48145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.managementlaw.com"] [uri "/.svn/wc.db"] [unique_id "aSQN3DBPFl6aUrWWAmctpQAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:18:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:18:51.944112 2025] [security2:error] [pid 30850:tid 30850] [client 65.111.12.40:24829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jpastorphotographics.com"] [uri "/.svn/wc.db"] [unique_id "aSQG29npX596JkJqHp1AiwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:09:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:09:39.794472 2025] [security2:error] [pid 16239:tid 16239] [client 65.111.12.40:39795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.i-med.com"] [uri "/.svn/wc.db"] [unique_id "aSP2o-W6usP4pnZOsZd6_AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:40:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:40:36.125178 2025] [security2:error] [pid 3361215:tid 3361215] [client 65.111.12.40:59429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.heatherweathers.com"] [uri "/.svn/wc.db"] [unique_id "aSPv1Ev0TL9AAYoo-zJwhwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 14:56:33 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 203.212.9.248

🇺🇸 173.252.87.39

🇨🇳 115.190.127.7

🇮🇹 93.92.76.239

🇷🇴 80.94.92.164

🇫🇷 51.68.247.214

🇺🇸 45.79.2.187

🇩🇪 45.3.54.86

🇨🇳 39.105.36.71

🇰🇿 2.134.15.12

🇨🇳 223.241.214.127

🇮🇩 202.169.232.194

🇺🇸 173.252.87.113

🇺🇸 136.49.53.226

🇯🇵 124.155.125.131

🇻🇳 113.173.23.122

🇺🇸 98.84.155.13

🇫🇷 91.231.89.49

🇨🇳 61.176.199.59

🇳🇱 45.142.193.53