JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.12.84

65.111.12.84 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.12.84

Whois 65.111.12.84

IP Abuse Reports for 65.111.12.84:

This IP address has been reported a total of 39 times from 20 distinct sources. 65.111.12.84 was first reported on July 8th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 IRISIO	2026-06-15 06:36:32 (5 days ago)	scans/SQL injection/spam posts : 1 queries	Web App Attack SQL Injection
🇺🇸 mnsf	2026-06-04 19:09:11 (2 weeks ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇪🇸 librebit	2026-05-17 05:00:38 (1 month ago)	Brute force	Brute-Force
🇫🇷 masterguru	2026-04-02 06:36:40 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.84 (US/United States/-): 1 in the la ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.84 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2026-03-31 12:14:37 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇫🇷 masterguru	2026-03-29 16:28:17 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.84 (US/United States/-): 1 in the la ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.84 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 myagent.site	2026-01-15 08:39:05 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:27 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇳🇱 i-turnradio.nl	2025-12-28 09:51:54 (5 months ago)	2025-12-28 @ 10:51:54 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:23:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:23:26.592564 2025] [security2:error] [pid 22752:tid 22752] [client 65.111.12.84:51295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ancientleather.com"] [uri "/.git/HEAD"] [unique_id "aS907oE6wgt92Nl6KnxoywAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:28:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:28:36.235385 2025] [security2:error] [pid 7738:tid 7768] [client 65.111.12.84:19613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brydansales.com"] [uri "/.env"] [unique_id "aS8v1E5h6ba00aENyJTRewAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:51:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:50:53.713630 2025] [security2:error] [pid 18046:tid 18046] [client 65.111.12.84:39147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mitnikarch.com"] [uri "/.env"] [unique_id "aS5-PfEa5h1se7xEGeFcZQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:08:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:08:24.176379 2025] [security2:error] [pid 10453:tid 10453] [client 65.111.12.84:43239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigislandhawaiirealestate.com"] [uri "/.env"] [unique_id "aSQgiPvTrRCY1QjuuKi01wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:36:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:36:36.492589 2025] [security2:error] [pid 30492:tid 30492] [client 65.111.12.84:10787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.reachpoint.com"] [uri "/.git/HEAD"] [unique_id "aSQZFHzlnbZQUVmE6qQMlAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:44:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.12.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:44:22.702856 2025] [security2:error] [pid 27655:tid 27655] [client 65.111.12.84:57105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bkspeck.com"] [uri "/.svn/wc.db"] [unique_id "aSPwtuJLWUtgk4lfAPLz9gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.126

🇭🇰 199.45.155.107

🇧🇪 198.235.24.237

🇨🇭 179.43.146.227

🇱🇾 165.16.88.197

🇺🇸 151.243.243.14

🇨🇳 117.40.114.154

🇫🇮 77.83.25.35

🇩🇪 69.5.169.30

🇩🇪 69.5.169.26

🇺🇸 66.132.186.235

🇬🇧 35.203.211.72

🇨🇳 8.138.108.179

🇳🇱 2a06:a880:5:e3e1::1

🇺🇸 2607:740:56:0:3ffd:7dfe:4863:cf6f

🇺🇸 2600:3c03::f03c:93ff:fe80:6c16

🇹🇼 198.235.24.49

🇩🇪 157.230.127.244

🇺🇸 152.36.157.145

🇺🇸 147.185.132.105