JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.3.168

65.111.3.168 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.3.168

Whois 65.111.3.168

IP Abuse Reports for 65.111.3.168:

This IP address has been reported a total of 32 times from 14 distinct sources. 65.111.3.168 was first reported on June 27th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LotPhantom	2026-04-10 20:25:14 (1 month ago)	2026/04/10 20:25:14 [error] 510848#510848: 5036 connect() failed (111: Connection refused) while co ... show more 2026/04/10 20:25:14 [error] 510848#510848: 5036 connect() failed (111: Connection refused) while connecting to upstream, client: 65.111.3.168, server: wynnesmiles.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:4001/", host: "wynnesmiles.com" ... show less	Web App Attack
🇺🇸 oncord	2026-04-06 06:41:54 (2 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-12 04:33:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:33:02.304798 2026] [security2:error] [pid 3803:tid 3803] [client 65.111.3.168:38721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthynatarajan.com"] [uri "/.git/config"] [unique_id "aY1X_tU9GeQCLUavW88mSwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:21:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:21:30.090528 2026] [security2:error] [pid 14218:tid 14241] [client 65.111.3.168:52325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arizonasolutionsgroup.com"] [uri "/.env.save"] [unique_id "aY0O-vvIjo78ljAEn4CJ_AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:10:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:10:16.072251 2026] [security2:error] [pid 24120:tid 24120] [client 65.111.3.168:37401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthraxbook.com"] [uri "/api/.env"] [unique_id "aYtKWFsJWZUP1MqvmxhYbAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:56:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:56:37.845133 2026] [security2:error] [pid 16753:tid 16753] [client 65.111.3.168:9887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiubo.net"] [uri "/new/.git/config"] [unique_id "aYqsdSyE_nMjAPSiayF3DQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:28:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:28:39.570701 2026] [security2:error] [pid 10966:tid 10966] [client 65.111.3.168:12223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandplumbing.ca"] [uri "/backup/.git/config"] [unique_id "aYql5-i4cyLJO2GN8opcxgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:21:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:21:05.496810 2026] [security2:error] [pid 25919:tid 25919] [client 65.111.3.168:42411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kim-porter.com"] [uri "/v2/.git/config"] [unique_id "aYqWEdEVJRc_9HI62zA4oQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:54:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:54:23.679782 2026] [security2:error] [pid 18472:tid 18472] [client 65.111.3.168:54811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenmalone.com"] [uri "/.env.production"] [unique_id "aYpzr5gMVkn4OHY9FdiKTQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:33:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:33:17.353817 2026] [security2:error] [pid 14649:tid 14649] [client 65.111.3.168:19627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaylamaclaincounseling.com"] [uri "/admin/.env"] [unique_id "aYpgraB0gkRrpXlxMvi6XwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:12:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.3.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:12:43.340636 2026] [security2:error] [pid 3317:tid 3317] [client 65.111.3.168:16375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karieva.com"] [uri "/admin/.env"] [unique_id "aYpNy8KpQJwxgRQFyho59AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 05:50:36 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-13 16:59:39 (6 months ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.11.13 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.11.13 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-08 19:15:48 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.08 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-02 16:54:35 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:02:52	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.65

🇮🇶 185.56.194.87

🇧🇷 69.6.251.43

🇻🇪 186.14.169.199

🇧🇷 152.32.200.243

🇯🇵 103.163.220.234

🇻🇳 103.131.71.158

🇻🇳 103.131.71.143

🇻🇳 103.131.71.54

🇱🇹 45.227.254.170

🇮🇪 2a05:d018:10df:d401:3709:4f60:c72f:4f74

🇲🇾 2a02:4780:5c:2154:0:c8c:e7a1:1

🇻🇳 180.93.43.225

🇳🇱 156.255.1.208

🇺🇸 149.18.11.176

🇱🇹 141.98.9.121

🇳🇱 45.148.10.151

🇺🇸 43.162.98.142

🇨🇦 204.50.21.67

🇬🇧 193.163.125.21