JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.7.137

65.111.7.137 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.7.137

Whois 65.111.7.137

IP Abuse Reports for 65.111.7.137:

This IP address has been reported a total of 48 times from 21 distinct sources. 65.111.7.137 was first reported on May 31st 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-16 01:48:47 (1 hour ago)	Web App Attack	Web App Attack
🇱🇻 garmtech.com	2026-04-23 10:20:13 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-20.65.111.7.137.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-20.65.111.7.137.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 10dencehispahard SL	2026-01-16 08:16:03 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇫🇷 mrcrassi	2025-12-08 02:27:27 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-07 22:41:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:41:37.190372 2025] [security2:error] [pid 3130:tid 3130] [client 65.111.7.137:44829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whmlradio.com"] [uri "/.env"] [unique_id "aTYCoUJ8E78IL5DlowAObQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:54:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:54:54.037202 2025] [security2:error] [pid 1937:tid 1937] [client 65.111.7.137:44923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "primecomputer.net"] [uri "/.svn/wc.db"] [unique_id "aTQ1rpvPsK5cQQf3QF41HAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:21:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:21:31.165752 2025] [security2:error] [pid 13688:tid 13688] [client 65.111.7.137:41231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindchill.net"] [uri "/.git/HEAD"] [unique_id "aTQRu4uMUJIGn0h8qLPgOAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 02:50:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:50:42.446434 2025] [security2:error] [pid 15747:tid 15747] [client 65.111.7.137:38479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cafelimelight.info"] [uri "/.env"] [unique_id "aTOaAg3jgpfhcTx-fZVaNQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:43:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:43:24.830938 2025] [security2:error] [pid 29051:tid 29051] [client 65.111.7.137:21425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "handshadowpuppets.com"] [uri "/.env"] [unique_id "aTK3TDY7gafO-ll7giNTcQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:33:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:33:47.027406 2025] [security2:error] [pid 11119:tid 11119] [client 65.111.7.137:58477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metcomarine.com"] [uri "/.env"] [unique_id "aTJuu7RMBd6sAirUKM2uggAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:47:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.7.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:47:13.750001 2025] [security2:error] [pid 5498:tid 5503] [client 65.111.7.137:50529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafmglobal.com"] [uri "/.svn/wc.db"] [unique_id "aTJHsW7X3fCXD5Yl2i58bwAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-05 00:27:13 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
Anonymous	2025-12-02 16:08:29 (6 months ago)	botnet	DDoS Attack
🇭🇺 zolav8	2025-11-10 01:16:20 (7 months ago)	SQL injection / web attack attempt	Hacking SQL Injection

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.198

🇺🇸 192.3.16.60

🇳🇱 160.119.76.48

🇨🇱 216.155.93.75

🇫🇮 204.168.240.142

🇳🇱 178.16.54.237

🇩🇪 167.94.146.49

🇺🇸 156.235.89.153

🇧🇩 103.135.252.20

🇸🇬 47.84.100.21

🇮🇱 46.116.145.8

🇭🇰 38.76.171.153

🇺🇸 35.239.152.182

🇺🇸 3.21.52.165

🇺🇸 2607:f8b0:4001:c20::125

🇲🇽 187.191.48.24

🇺🇸 151.246.207.37

🇫🇮 147.185.133.182

🇫🇷 141.101.68.59

🇰🇷 110.10.176.24