JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.11.238

65.111.11.238 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.11.238

Whois 65.111.11.238

IP Abuse Reports for 65.111.11.238:

This IP address has been reported a total of 37 times from 15 distinct sources. 65.111.11.238 was first reported on June 26th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-06 19:05:06 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇪🇸 10dencehispahard SL	2025-12-29 09:35:48 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-15 16:49:18 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-08 14:33:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 09:33:48.722351 2025] [security2:error] [pid 17286:tid 17286] [client 65.111.11.238:12153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smartstylehair.com"] [uri "/.svn/wc.db"] [unique_id "aTbhzJCBte24kVGqqK0BdwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-08 04:48:31 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 10:53:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 05:53:12.104274 2025] [security2:error] [pid 1142:tid 1142] [client 65.111.11.238:52293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carl-fink.name"] [uri "/.svn/wc.db"] [unique_id "aTQLGLY6trxOgpIKH1EDBQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:00:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:00:37.245320 2025] [security2:error] [pid 314:tid 314] [client 65.111.11.238:21835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bernescobar.com"] [uri "/.env"] [unique_id "aTMPtZtYPN4TBuQWPwC_0AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:09:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:09:54.959299 2025] [security2:error] [pid 7614:tid 7614] [client 65.111.11.238:20645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "murciafm.com"] [uri "/.svn/wc.db"] [unique_id "aTKvcjCUSqRGzdA2mXlW-QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:16:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:16:48.062651 2025] [security2:error] [pid 21823:tid 21823] [client 65.111.11.238:14505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "owlcapone.com"] [uri "/.svn/wc.db"] [unique_id "aTJAkEqSsI1Bj1Sht0jcQwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 ALPHANET	2025-12-03 02:15:02 (6 months ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇺🇸 TPI-Abuse	2025-11-27 20:38:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:38:37.597414 2025] [security2:error] [pid 10797:tid 10797] [client 65.111.11.238:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/.git/HEAD"] [unique_id "aSi2ze4sXDXzuozNgXm0bwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-01 01:21:47 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.01 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-29 14:24:24 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-28 19:48:54 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.28 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.28 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-22 01:08:05 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.22 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.22 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 138.68.238.72

🇧🇫 102.179.163.152

🇺🇸 66.132.186.166

🇳🇱 45.148.10.147

🇺🇸 20.65.193.206

🇦🇷 190.196.250.35

🇿🇦 105.184.188.77

🇸🇦 93.178.24.129

🇩🇪 92.208.68.120

🇸🇦 82.197.58.135

🇺🇸 50.116.49.221

🇦🇺 40.82.214.8

🇬🇧 35.203.210.96

🇨🇳 14.103.117.75

🇺🇸 2607:f8b0:4001:c1c::120

🇧🇴 190.129.122.12

🇦🇷 186.132.172.49

🇹🇭 167.179.242.178

🇺🇸 149.88.105.238

🇱🇹 141.98.10.162