JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.14.212

65.111.14.212 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 33%: ?

33%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.14.212

Whois 65.111.14.212

IP Abuse Reports for 65.111.14.212:

This IP address has been reported a total of 28 times from 18 distinct sources. 65.111.14.212 was first reported on July 10th 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-10 02:45:59 (15 hours ago)	[server.tmg.gr] httpd-login-spray-site: sites=tmg.gr.forms; logs=/var/log/httpd/domains/tmg.gr.forms ... show more [server.tmg.gr] httpd-login-spray-site: sites=tmg.gr.forms; logs=/var/log/httpd/domains/tmg.gr.forms.log; samples=site_wide=true \| distinct_ips=36 \| /wp-login.php show less	Hacking Web App Attack
🇨🇭 4server	2026-06-06 19:37:26 (3 days ago)	[SatJun0621:37:16.7978412026][security2:error][pid3609234:tid3609508][client65.111.14.212:0]ModSecur ... show more [SatJun0621:37:16.7978412026][security2:error][pid3609234:tid3609508][client65.111.14.212:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.4server.ch\"][uri\"/.aws/credentials\"][unique_id\"aiR27HJHrS2gEgLGf1mY5gAAARE\"] show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-05-31 04:12:51 (1 week ago)	(y4) Failed scan -byebye- from 65.111.14.212 (US/United States/-): (CF_ENABLE)	Hacking
🇩🇪 iNetWorker	2026-05-30 11:11:15 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
🇩🇪 FeG Deutschland	2026-05-29 12:59:53 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
Anonymous	2026-05-28 19:40:58 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep201 ... show more [server.tmg.gr] httpd-login-spray-site: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=site_wide=true \| distinct_ips=33 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 fbarela	2026-01-25 03:00:09 (4 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-01-08 11:44:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 06:44:27.542283 2026] [security2:error] [pid 29336:tid 29336] [client 65.111.14.212:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sistememail.com"] [uri "/.git/HEAD"] [unique_id "aV-Ym6kzZDwd9ibdSSyCdAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 18:31:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 13:30:36.549237 2025] [security2:error] [pid 4644:tid 4644] [client 65.111.14.212:53355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.patrickodougherty.com"] [uri "/.env"] [unique_id "aVQaTLrZElBoGgVVTDFpWwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 LTM	2025-12-30 07:20:01 (5 months ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:53:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:53:31.394595 2025] [security2:error] [pid 12628:tid 12628] [client 65.111.14.212:12267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "openheartwellness.com"] [uri "/.git/HEAD"] [unique_id "aVIJSyfUd2AC3mNsbodHOQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:16:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:16:03.487847 2025] [security2:error] [pid 22836:tid 22836] [client 65.111.14.212:31467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modmove.com"] [uri "/.git/HEAD"] [unique_id "aVIAg98rU2f6Y4f4mQ7wHQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 10:48:30 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-26 03:46:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:45:58.159075 2025] [security2:error] [pid 3030:tid 3030] [client 65.111.14.212:40019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chapa.net"] [uri "/.env"] [unique_id "aSZ39kn4GgEUDZ7kekO6kwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 19:01:24 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:02:13	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 178.90.249.140

🇺🇸 150.107.38.181

🇮🇳 116.73.240.134

🇧🇷 35.247.236.41

🇧🇷 205.210.31.232

🇺🇸 195.184.76.135

🇺🇸 192.241.165.245

🇮🇶 185.166.25.150

🇩🇪 139.59.208.49

🇫🇷 84.247.128.250

🇫🇷 79.143.178.15

🇯🇵 20.243.208.191

🇺🇿 5.133.121.104

🇵🇰 223.123.41.69

🇺🇸 205.210.31.69

🇺🇸 136.118.141.62

🇬🇧 94.5.176.133

🇷🇴 92.118.39.236

🇫🇷 83.171.226.124

🇩🇪 64.188.83.134