JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.7.1

65.111.7.1 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.7.1

Whois 65.111.7.1

IP Abuse Reports for 65.111.7.1:

This IP address has been reported a total of 55 times from 20 distinct sources. 65.111.7.1 was first reported on June 28th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-02 19:16:47 (2 months ago)	Forum/form spam	Web Spam
🇳🇱 jjnxpct	2026-02-16 04:54:25 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /dev/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
Anonymous	2026-02-15 13:18:11 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:37:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:37:16.708969 2026] [security2:error] [pid 27412:tid 27412] [client 65.111.7.1:47231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pascoyardsale.com"] [uri "/app/.env"] [unique_id "aZG9_CP2nUS-MsY69_gv2AAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-15 12:25:52 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 65.111.7.1 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 11:30:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:30:51.720343 2026] [security2:error] [pid 27820:tid 27820] [client 65.111.7.1:49785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozera.com"] [uri "/app/.env"] [unique_id "aZGuayTC_gLFr6Cz2DybKAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:58:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:58:21.115647 2026] [security2:error] [pid 22465:tid 22465] [client 65.111.7.1:26283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "osmansirel.com"] [uri "/config/.env"] [unique_id "aZGmzVR4KoNiB-yhTjgb9AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2026-02-15 06:37:19 (3 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:14:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:14:46.884069 2026] [security2:error] [pid 28204:tid 28204] [client 65.111.7.1:40339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schunagroup.com"] [uri "/admin/.git/config"] [unique_id "aZFkVvLawZXFytytmx-JVQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:07:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:07:23.124807 2026] [security2:error] [pid 25143:tid 25143] [client 65.111.7.1:32387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "octitlerep.com"] [uri "/.env"] [unique_id "aZFUi_R9thpICqhk7o0fPAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:13:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:12:59.241539 2026] [security2:error] [pid 11620:tid 11620] [client 65.111.7.1:56325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samelsner.com"] [uri "/app/.env"] [unique_id "aZFHy8gRH6IMtmF-kosXDQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 04:05:57 (3 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:11:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:10:59.506526 2026] [security2:error] [pid 19196:tid 19196] [client 65.111.7.1:46699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "njoyquilts.com"] [uri "/admin/.env"] [unique_id "aZE5QwTF-lLTQ7clLL4TogAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:18:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:18:33.620862 2026] [security2:error] [pid 26344:tid 26344] [client 65.111.7.1:50079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "platinumkissband.com"] [uri "/config/.env"] [unique_id "aZEs-X1YRKNGc5SJazFzXQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 01:54:44 (3 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.228.247.68

🇮🇳 113.193.234.210

🇳🇱 45.148.10.240

🇰🇷 218.156.38.44

🇺🇸 206.0.65.68

🇧🇪 198.235.24.226

🇲🇰 185.226.0.83

🇺🇸 172.93.103.2

🇧🇷 170.238.160.191

🇺🇸 162.216.150.192

🇩🇪 162.158.94.181

🇻🇳 160.30.137.84

🇨🇳 121.40.50.132

🇮🇳 117.252.240.73

🇮🇩 103.214.112.253

🇳🇱 93.174.95.106

🇩🇪 69.5.169.246

🇺🇸 64.62.156.141

🇺🇸 64.62.156.66

🇰🇪 41.139.183.135