JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.11.35

65.111.11.35 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.11.35

Whois 65.111.11.35

IP Abuse Reports for 65.111.11.35:

This IP address has been reported a total of 57 times from 29 distinct sources. 65.111.11.35 was first reported on July 12th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-25 22:13:41 (9 hours ago)	[FriJun2600:13:35.4692682026][security2:error][pid1432289:tid1432298][client65.111.11.35:0]ModSecuri ... show more [FriJun2600:13:35.4692682026][security2:error][pid1432289:tid1432298][client65.111.11.35:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"www.giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"aj2oDwohKkc3BX9m2RmWJQAAAIc\"] show less	Hacking Web App Attack
🇫🇮 inlink.ltd	2026-05-19 22:30:40 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇪🇸 librebit	2026-05-17 03:56:30 (1 month ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-04-15 02:48:55 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-48.65.111.11.35.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-48.65.111.11.35.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 oralunal	2026-03-09 10:53:32 (3 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-15 12:12:29 (4 months ago)	. Matched phrase "/.env" at REQUEST_URI. (210492-123)	Web App Attack
🇺🇸 mnsf	2026-02-15 06:06:38 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:32:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:32:04.439691 2026] [security2:error] [pid 1388:tid 1388] [client 65.111.11.35:60039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "surprise-bonus.com"] [uri "/site/.git/config"] [unique_id "aZFaVNRsRUIfHRu2tl5YNAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:19:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:19:30.688972 2026] [security2:error] [pid 1627:tid 1627] [client 65.111.11.35:44861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "straypointers.com"] [uri "/frontend/.env"] [unique_id "aZFJUoMjbYZlojCy2Qr8GwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 04:02:12 (4 months ago)	Try to access /api/.env	Web App Attack
🇩🇪 Carsten	2026-02-15 02:02:54 (4 months ago)	GET [.env.save]	Port Scan
🇺🇸 TPI-Abuse	2026-02-15 01:55:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:55:47.139422 2026] [security2:error] [pid 26943:tid 26943] [client 65.111.11.35:50485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mydobdate.com"] [uri "/dev/.git/config"] [unique_id "aZEno27wwxVA3YXE4enT3gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:38:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:38:48.372895 2026] [security2:error] [pid 4684:tid 4684] [client 65.111.11.35:34547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mvpbees.com"] [uri "/backup/.git/config"] [unique_id "aZEjqJnT7Feb6_0wG6GL8QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:19:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:18:58.986223 2026] [security2:error] [pid 21467:tid 21467] [client 65.111.11.35:44491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mumawvickers.com"] [uri "/admin/.env"] [unique_id "aZEfAlGPG_7Aty63PLH1sgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:58:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:58:47.388887 2026] [security2:error] [pid 4944:tid 4944] [client 65.111.11.35:53503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lunginjurylaw.com"] [uri "/config/.env"] [unique_id "aZEaR9pIjc3FkWDGuSsYuQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 2001:4454:1da:ad00:110:a42f:3bc1:7787

🇺🇸 193.56.116.131

🇭🇰 172.253.5.17

🇨🇳 171.37.190.157

🇺🇸 162.216.149.247

🇨🇳 139.9.191.197

🇺🇸 91.230.168.1

🇺🇸 43.135.134.180

🇻🇳 42.96.20.16

🇯🇵 20.243.208.191

🇸🇦 212.215.235.108

🇪🇨 205.235.2.176

🇭🇰 199.45.154.150

🇺🇸 162.216.150.233

🇺🇸 147.185.132.225

🇺🇸 147.182.177.180

🇩🇪 139.19.117.197

🇺🇸 91.230.168.14

🇳🇱 45.148.10.157

🇷🇺 45.91.64.7