JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.1.237

65.111.1.237 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.1.237

Whois 65.111.1.237

IP Abuse Reports for 65.111.1.237:

This IP address has been reported a total of 45 times from 19 distinct sources. 65.111.1.237 was first reported on July 9th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-09 11:24:37 (1 month ago)	Forum/form spam	Web Spam
🇨🇭 backslash	2026-02-18 22:45:05 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇳🇱 oisecnet	2026-02-15 22:00:46 (3 months ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-02-15. 24 requests from this ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-02-15. 24 requests from this IP. show less	Brute-Force Web App Attack SSH
Anonymous	2026-02-15 13:05:37 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇨🇦 Dunham Support	2026-02-15 12:30:17 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 65.111.1.237 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 12:14:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:14:50.941189 2026] [security2:error] [pid 4370:tid 4370] [client 65.111.1.237:29943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pappakotis.net"] [uri "/test/.git/config"] [unique_id "aZG4uoB-YoykBeea7Z88EAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 11:23:44 (3 months ago)	65.111.1.237 - - [15/Feb/2026:11:23:40 +0000] "GET /.env HTTP/1.1" 302 733 "-" "Mozilla/5.0 (Windows ... show more 65.111.1.237 - - [15/Feb/2026:11:23:40 +0000] "GET /.env HTTP/1.1" 302 733 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 11:05:45 (3 months ago)	Scanning/Probing (22)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:56:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:56:31.933595 2026] [security2:error] [pid 963:tid 963] [client 65.111.1.237:17709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seekingthemind.com"] [uri "/.env.save"] [unique_id "aZGmXwSoyx6Iik6lj-ZI7wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 06:45:21 (3 months ago)	Try to access /api/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:23:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:23:35.043618 2026] [security2:error] [pid 24013:tid 24013] [client 65.111.1.237:62543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oficinasydespachosmurcia.com"] [uri "/.env.save"] [unique_id "aZFYV9-kT4rWgTuLrakxpgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:06:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:06:23.609180 2026] [security2:error] [pid 29691:tid 29691] [client 65.111.1.237:45911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ocmtx.org"] [uri "/app/.env"] [unique_id "aZFUT_rVFeFNT7gRpF5_3AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:48:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:48:42.222550 2026] [security2:error] [pid 9440:tid 9440] [client 65.111.1.237:21161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanvayu.com"] [uri "/.env.save"] [unique_id "aZFQKsW_Z0OJEiSIx3YAzwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:32:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:32:54.408766 2026] [security2:error] [pid 1326108:tid 1326108] [client 65.111.1.237:15491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nutandboltguy.com"] [uri "/site/.git/config"] [unique_id "aZFMdqUi2CKs0E8fvBJHhgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:59:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:59:06.747458 2026] [security2:error] [pid 22199:tid 22233] [client 65.111.1.237:50465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "potashbarn.com"] [uri "/.env.production"] [unique_id "aZFEir6k6LPKjSLyJxBbnAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.89.60.61

🇧🇬 193.24.211.107

🇭🇷 154.47.29.7

🇳🇬 102.140.97.134

🇳🇱 45.148.10.147

🇧🇷 20.206.87.81

🇹🇼 198.235.24.109

🇳🇱 193.176.31.220

🇷🇺 185.132.240.100

🇺🇸 162.216.149.198

🇨🇦 156.57.130.104

🇫🇮 147.185.133.211

🇫🇮 147.185.133.84

🇨🇳 115.190.171.196

🇳🇱 5.255.121.146

🇨🇳 223.109.252.157

🇹🇼 198.235.24.10

🇹🇷 195.175.17.246

🇮🇳 182.95.63.10

🇧🇷 177.38.71.226