JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.4.112

65.111.4.112 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.4.112

Whois 65.111.4.112

IP Abuse Reports for 65.111.4.112:

This IP address has been reported a total of 62 times from 21 distinct sources. 65.111.4.112 was first reported on June 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Bedios GmbH	2026-06-14 14:28:57 (2 days ago)	SQL backup theft attempt	Hacking
🇩🇪 FeG Deutschland	2026-06-11 11:36:26 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 bescared	2026-04-19 08:06:00 (1 month ago)	Malicious activity detected: URL probing.	Bad Web Bot Web App Attack Hacking
Anonymous	2026-03-25 14:44:04 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-02-23 00:45:57 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-13 13:51:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:51:15.459003 2026] [security2:error] [pid 2983559:tid 2983559] [client 65.111.4.112:45889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leagueloch.com"] [uri "/frontend/.env"] [unique_id "aY8sUx8GQE4BB73Pq7nj8gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:10:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:09:52.804947 2026] [security2:error] [pid 7200:tid 7332] [client 65.111.4.112:44669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metropaint.net"] [uri "/backend/.env"] [unique_id "aY7qYHLNZktt2VIeVivBIAAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:50:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:50:38.927499 2026] [security2:error] [pid 23185:tid 23197] [client 65.111.4.112:46761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metabotic.com"] [uri "/.env.local"] [unique_id "aY7l3kKMgqDnCKBKPq-WRAAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:44:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:44:39.212023 2026] [security2:error] [pid 8128:tid 8128] [client 65.111.4.112:15757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medcoarabia.com"] [uri "/api/.git/config"] [unique_id "aY7IVy8JZTNlKEwYa6kzEgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:06:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:06:45.134243 2026] [security2:error] [pid 6379:tid 6379] [client 65.111.4.112:12201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mccachren.org"] [uri "/app/.env"] [unique_id "aY6_dfvhvlsKiRt5znfoogAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:58:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:58:27.235450 2026] [security2:error] [pid 10456:tid 10456] [client 65.111.4.112:62665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mastersonsmotel.ca"] [uri "/frontend/.env"] [unique_id "aY6vczgTEgqKrYTGDaF1cwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:24:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:24:08.699482 2026] [security2:error] [pid 14424:tid 14424] [client 65.111.4.112:39759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mardensmith.com"] [uri "/site/.git/config"] [unique_id "aY6ZWCOYKTLVQr-ClifnxAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 03:06:40 (4 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:33:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:33:07.907406 2026] [security2:error] [pid 1783227:tid 1783242] [client 65.111.4.112:23375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "managementconsultantcertification.com"] [uri "/api/.env"] [unique_id "aY6NYyWC_k-0Ydu5YHbZNQAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:55:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:55:30.905311 2026] [security2:error] [pid 2471444:tid 2471444] [client 65.111.4.112:29523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "majersigns.com"] [uri "/admin/.env"] [unique_id "aY6EksuRwggZeSS0vU13sQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 176.91.149.52

🇺🇸 156.232.13.161

🇰🇷 120.29.140.188

🇸🇬 118.194.234.8

🇰🇷 116.125.120.27

🇺🇸 2607:f8b0:4001:c32::121

🇰🇷 218.148.128.100

🇬🇧 193.8.186.31

🇷🇴 92.118.39.62

🇫🇷 91.196.152.91

🇫🇷 85.217.140.11

🇳🇱 80.82.77.139

🇺🇸 74.82.47.27

🇺🇸 66.45.236.66

🇩🇪 43.228.157.10

🇬🇧 2a06:4880:6000::7a

🇸🇻 179.5.178.94

🇹🇷 176.55.138.246

🇮🇳 162.216.140.5

🇨🇳 124.90.54.88