JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.14.96

65.111.14.96 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.14.96

Whois 65.111.14.96

IP Abuse Reports for 65.111.14.96:

This IP address has been reported a total of 32 times from 21 distinct sources. 65.111.14.96 was first reported on June 20th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-04-02 08:20:57 (2 months ago)	65.111.14.96 - - [02/Apr/2026:10:20:56 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https: ... show more 65.111.14.96 - - [02/Apr/2026:10:20:56 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https://www.primobio.it/mio-account/?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-11 17:31:54 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-02-07 13:56:06 (3 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-14 19:26:21 (4 months ago)	Forum/form spam	Web Spam
🇬🇧 openstrike.co.uk	2025-12-18 08:53:47 (5 months ago)	9 packets to port 2083	Port Scan
🇦🇺 MAGIC	2025-12-07 00:09:12 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 04:34:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:34:10.183814 2025] [security2:error] [pid 7020:tid 7020] [client 65.111.14.96:47133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.venegas.info"] [uri "/.svn/wc.db"] [unique_id "aSUxwqr_Ucvxmqe0PlSW2AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:16:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:16:46.744238 2025] [security2:error] [pid 27207:tid 27207] [client 65.111.14.96:12167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gdg1.bizecomm.com"] [uri "/.git/HEAD"] [unique_id "aSUtrlGtSYpAa7kmZl6BIAAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:58:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:57:58.954432 2025] [security2:error] [pid 13895:tid 13920] [client 65.111.14.96:23939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.cocoonprojects.com"] [uri "/.env"] [unique_id "aSUpRsqATJ-N2rrGOLZy1QAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:26:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.14.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:26:29.826629 2025] [security2:error] [pid 659:tid 659] [client 65.111.14.96:54361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.londongroup.info"] [uri "/.git/HEAD"] [unique_id "aSUFxRjSw2DjajBh-PeLzwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 techboy117	2025-11-14 00:11:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
🇫🇮 as211431.net	2025-11-05 16:37:31 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-10-29 12:02:01 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 08:32:42 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.217

🇹🇼 198.235.24.68

🇹🇼 198.235.24.39

🇹🇼 198.235.24.37

🇨🇳 58.208.84.103

🇺🇸 18.119.209.50

🇧🇪 198.235.24.252

🇧🇪 198.235.24.247

🇧🇪 198.235.24.244

🇸🇪 195.178.191.5

🇸🇬 165.154.236.104

🇺🇸 162.216.150.169

🇺🇸 147.185.132.10

🇧🇩 123.49.38.114

🇳🇱 89.248.168.227

🇨🇦 85.217.149.71

🇳🇱 72.56.83.173

🇺🇸 63.247.70.217

🇸🇬 47.79.51.20

🇹🇭 43.173.249.11