JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.14.104

65.111.14.104 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 30%: ?

30%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.14.104

Whois 65.111.14.104

IP Abuse Reports for 65.111.14.104:

This IP address has been reported a total of 31 times from 12 distinct sources. 65.111.14.104 was first reported on July 9th 2024, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-16 20:45:13 (6 hours ago)	65.111.14.104 - - [16/Jun/2026:14:45:13 -0600] "POST /xmlrpc.php HTTP/1.1" 200 413 "https://www.bing ... show more 65.111.14.104 - - [16/Jun/2026:14:45:13 -0600] "POST /xmlrpc.php HTTP/1.1" 200 413 "https://www.bing.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" ... show less	Web App Attack
🇬🇷 setupgr	2026-06-14 12:33:27 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.14.104: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.14.104: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 14 15:33:25.412990 2026] [security2:error] [pid 921889:tid 922067] [client 65.111.14.104:38387] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.babis.photo"] [severity "CRITICAL"] [tag "security"] [hostname "mail.babis.photo"] [uri "/wp-login.php"] [unique_id "ai6flSykT1eM1OfD7bvyQwAAAUw"], referer: https://mail.babis.photo/wp-login.php show less	Port Scan
🇩🇪 iNetWorker	2026-06-13 07:13:04 (3 days ago)	trolling for resource vulnerabilities	Web App Attack
🇬🇷 setupgr	2026-06-12 07:15:17 (4 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.14.104: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.14.104: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 10:15:16.655890 2026] [security2:error] [pid 106844:tid 106905] [client 65.111.14.104:17417] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: gyrosplace.gr"] [severity "CRITICAL"] [tag "security"] [hostname "gyrosplace.gr"] [uri "/wp-login.php"] [unique_id "aiuyBBQ56N2K21xh2KiPLgAAAVQ"], referer: https://gyrosplace.gr/wp-login.php show less	Port Scan
🇲🇹 Malta	2026-06-10 11:20:46 (6 days ago)	65.111.14.104 - - [10/Jun/2026:13:20:46 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubun ... show more 65.111.14.104 - - [10/Jun/2026:13:20:46 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇮 inlink.ltd	2026-05-15 06:36:11 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇪 Mr-Money	2026-02-19 02:16:45 (3 months ago)	scenario: crowdsecurity/http-sensitive-files - events: 5	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-02-19 00:58:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:58:13.013567 2026] [security2:error] [pid 13875:tid 13875] [client 65.111.14.104:45361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wallawallafirearmstraining.com"] [uri "/backend/.env"] [unique_id "aZZgJeDrrg28OJxUj_irZQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:32:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:32:11.275517 2026] [security2:error] [pid 1654726:tid 1654777] [client 65.111.14.104:18663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vote4joegardner.com"] [uri "/test/.git/config"] [unique_id "aZZaC7WHIn3YLd80vhgM0gAAAcg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:51:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:51:15.512242 2026] [security2:error] [pid 27791:tid 27791] [client 65.111.14.104:10533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thresholddigital.com"] [uri "/test/.git/config"] [unique_id "aZYKI8Tps-eaM7nHdo8DNQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:27:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:27:35.388529 2026] [security2:error] [pid 18100:tid 18100] [client 65.111.14.104:60413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetribehouse.com"] [uri "/backup/.git/config"] [unique_id "aZYEl72nXXOoqcTtOVAMlQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:34:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:34:15.162289 2026] [security2:error] [pid 2095571:tid 2095571] [client 65.111.14.104:20031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wisewerks.com"] [uri "/.env.local"] [unique_id "aZW_1zRD3wnmHHWsGW6Y6AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:18:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:18:17.710773 2025] [security2:error] [pid 27581:tid 27581] [client 65.111.14.104:11685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bluemarineboats.com"] [uri "/.env"] [unique_id "aSUf-b6ghuu1c2ufmjhS6AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:02:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:01:59.309516 2025] [security2:error] [pid 24290:tid 24290] [client 65.111.14.104:26067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gun-laws-by-state.com"] [uri "/.git/HEAD"] [unique_id "aSUAB5K2xOe6TOM0m4rn8wAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:53:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:53:11.255370 2025] [security2:error] [pid 17135:tid 17135] [client 65.111.14.104:59185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.chateau-saleza-bruges.com.cayman-islands-real-estate.com"] [uri "/.env"] [unique_id "aSQrB26pvm9la-BmJLqk8wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.46.125.221

🇨🇦 24.207.66.154

🇨🇳 222.138.196.52

🇧🇷 205.210.31.251

🇳🇱 185.224.128.16

🇮🇳 182.95.60.146

🇺🇸 172.255.80.26

🇺🇸 149.34.251.246

🇨🇳 113.220.124.135

🇧🇪 104.199.76.230

🇲🇾 47.250.129.199

🇨🇦 45.3.41.93

🇺🇸 20.55.29.197

🇰🇪 197.248.159.62

🇺🇸 192.186.191.88

🇦🇷 191.83.220.146

🇯🇵 185.184.223.23

🇨🇳 180.184.98.12

🇧🇷 144.22.171.87

🇺🇸 104.207.39.165