JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.14.84

65.111.14.84 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.14.84

Whois 65.111.14.84

IP Abuse Reports for 65.111.14.84:

This IP address has been reported a total of 23 times from 13 distinct sources. 65.111.14.84 was first reported on July 3rd 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 debestelapp	2026-05-18 11:16:45 (3 weeks ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 06:18:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 01:18:19.782478 2026] [security2:error] [pid 32755:tid 32755] [client 65.111.14.84:63387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "professionalpianomoversinc.com.anthonyanimalclinic.net"] [uri "/.git/config"] [unique_id "aZ1Cq7sk_6IpYzQaddksdgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 01:17:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 20:17:22.927411 2026] [security2:error] [pid 15448:tid 15484] [client 65.111.14.84:47505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deathbyaudiostore.killerrockandroll.com"] [uri "/.git/config"] [unique_id "aZz8IsgHPOXsGaJnhuCVJgAAAYI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 10:26:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 05:26:16.034922 2026] [security2:error] [pid 19782:tid 19782] [client 65.111.14.84:45357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "support.alitcogroup.com"] [uri "/.git/config"] [unique_id "aZwrSOJ_6rDkzVKE9FiCwQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇮🇳 Mcshield.org	2025-12-01 07:32:08 (6 months ago)	POST /HNAP1/ or /shell login attempt - Mirai	Port Scan Web App Attack SSH
Anonymous	2025-11-30 19:52:42 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 07:25:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:25:13.849138 2025] [security2:error] [pid 27082:tid 27082] [client 65.111.14.84:52535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.flavornet.org"] [uri "/.git/HEAD"] [unique_id "aSVZ2dKy_OwqObck3rlMcQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:28:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:26.201941 2025] [security2:error] [pid 25036:tid 25036] [client 65.111.14.84:17039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.staben.com"] [uri "/.git/HEAD"] [unique_id "aSVMivjdrgeoNUgy-9UpnwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-11-24 00:36:01 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 fbarela	2025-11-07 07:00:47 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇩🇪 ISPLtd	2025-10-25 04:25:07 (7 months ago)	Oct 25 01:25:06 65.111.14.84 TCP SPT=37319 DPT=22 SYN ...	Port Scan SSH
Anonymous	2025-10-18 08:56:41 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-16 09:30:52 (7 months ago)	GlobalProtect login attempts with user christiandali.	VPN IP Brute-Force
Anonymous	2025-10-16 09:10:51 (7 months ago)	[redacted] 65.111.14.84 - - [16/Oct/2025:11:10:16 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mo ... show more [redacted] 65.111.14.84 - - [16/Oct/2025:11:10:16 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPad; CPU OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" [redacted] 65.111.14.84 - - [16/Oct/2025:11:10:18 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_5; en-us) AppleWebKit/533.19.4 (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4" [redacted] 65.111.14.84 - - [16/Oct/2025:11:10:18 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux x86_64) AppleWebKit/538.19 (KHTML, like Gecko) JavaFX/8.0 Safari/538.19" [redacted] 65.111.14.84 - - [16/Oct/2025:11:10:37 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" [redacted] 65.111.14.84 - - [16/Oct/2025:11:10:39 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "- ... show less	Hacking Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 123.30.50.154

🇹🇷 212.87.199.64

🇨🇳 157.18.14.15

🇧🇩 103.143.0.35

🇨🇳 101.126.85.58

🇺🇸 69.175.92.29

🇺🇸 66.132.172.189

🇺🇸 64.225.126.190

🇭🇰 43.132.227.251

🇧🇷 205.210.31.246

🇺🇸 205.210.31.35

🇹🇼 198.235.24.79

🇳🇱 185.223.235.48

🇨🇳 183.197.177.149

🇸🇬 172.253.211.25

🇩🇪 167.94.146.54

🇨🇱 148.227.115.175

🇩🇪 102.220.160.160

🇸🇬 101.47.158.137

🇫🇷 91.231.89.169