JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.8.139

65.111.8.139 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.8.139

Whois 65.111.8.139

IP Abuse Reports for 65.111.8.139:

This IP address has been reported a total of 32 times from 18 distinct sources. 65.111.8.139 was first reported on July 2nd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Mangelot Hosting	2026-05-07 21:32:31 (1 month ago)	(bad_user_agent) srv102 Bad User-Agent 65.111.8.139 (US/United States/-): 10 in the last 3600 secs; ... show more (bad_user_agent) srv102 Bad User-Agent 65.111.8.139 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 fbarela	2026-01-24 22:00:59 (4 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:28 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇸🇪 Johan Finn	2025-12-02 04:01:46 (6 months ago)	malicious activity	Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 01:02:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 20:02:47.057865 2025] [security2:error] [pid 14447:tid 14447] [client 65.111.8.139:53823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abramczuk.me"] [uri "/wp-config.php"] [unique_id "aSpGN1vhQO4HK6YawtKRWAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 00:45:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 19:45:37.700589 2025] [security2:error] [pid 6497:tid 6497] [client 65.111.8.139:37321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aboutio.com"] [uri "/.env.production"] [unique_id "aSpCMZXShS5nTO7AnzBtJgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 Gem	2025-11-28 23:12:28 (6 months ago)	Unauthorized web scan.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 16:54:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 11:53:56.468657 2025] [security2:error] [pid 3125343:tid 3125366] [client 65.111.8.139:59253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "a2zlns.com"] [uri "/wp-config.php.old"] [unique_id "aSnTpErmOkcX0iMXjhdtmwAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:59:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:59:36.199923 2025] [security2:error] [pid 8506:tid 8506] [client 65.111.8.139:25379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amazingwelding.com"] [uri "/.env.local"] [unique_id "aSmqyHgTL8XduD0ItzLUWQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:35:34 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 65.111.8.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:35:28.280125 2025] [security2:error] [pid 17172:tid 17172] [client 65.111.8.139:19693] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|amazeconsultants.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "amazeconsultants.org"] [uri "/database.sql"] [unique_id "aSmlIGmJgIgZ7q_1fz70kAAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 04:13:48 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-15 00:40:55 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.15 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.15 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 09:09:46 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-10 12:20:27 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.10 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-20 05:34:34 (7 months ago)	SSH BruteForce attack	SSH

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 202.29.220.106

🇻🇪 190.6.32.107

🇪🇨 186.69.247.106

🇺🇸 54.226.192.86

🇺🇸 50.116.72.133

🇩🇪 213.209.159.226

🇧🇷 201.76.120.30

🇵🇰 119.152.228.249

🇺🇸 113.20.0.58

🇱🇹 81.30.98.158

🇺🇸 66.132.186.232

🇺🇸 47.88.33.136

🇸🇬 47.84.103.153

🇩🇪 46.224.239.112

🇳🇱 45.148.10.141

🇭🇰 43.128.61.114

🇦🇺 40.127.67.83

🇮🇪 3.252.75.103

🇷🇺 217.150.76.59

🇭🇰 199.45.154.183