JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.8.140

65.111.8.140 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 28%: ?

28%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.8.140

Whois 65.111.8.140

IP Abuse Reports for 65.111.8.140:

This IP address has been reported a total of 52 times from 19 distinct sources. 65.111.8.140 was first reported on June 27th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-07 04:14:44 (8 hours ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇩🇪 findlab	2026-06-05 12:00:01 (2 days ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-06-01 23:52:26 (5 days ago)	(y4) Failed scan -byebye- from 65.111.8.140 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-05-29 21:14:16 (1 week ago)	(y4) Failed scan -byebye- from 65.111.8.140 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-28 19:41:13 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep201 ... show more [server.tmg.gr] httpd-login-spray-site: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=site_wide=true \| distinct_ips=33 \| /wp-login.php show less	Hacking Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 nowyouknow	2026-02-27 03:25:15 (3 months ago)	(From [email protected]) Stop Wasting Ad Spend: Get Real, Targeted Traffic Tired of low-qu ... show more (From [email protected]) Stop Wasting Ad Spend: Get Real, Targeted Traffic Tired of low-quality traffic? Join GTC and start getting 100% targeted, real visitors who are actively searching for your offer. Boost your conversions and grow your business the smart way. Click to Join & Get Targeted Clicks Today! ----> https://morewebtraffic.online/ show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-12-28 00:46:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 19:46:18.851964 2025] [security2:error] [pid 2354:tid 2365] [client 65.111.8.140:48099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthonydalessandro.com"] [uri "/.env"] [unique_id "aVB92n4T1ps4-roqqvo-bAAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-27 19:04:02 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇪🇸 el-brujo	2025-12-26 06:00:20 (5 months ago)	Cloudflare WAF: Request Path: /.svn/wc.db Request Query: Host: hwagm.elhacker.net userAgent: Mozill ... show more Cloudflare WAF: Request Path: /.svn/wc.db Request Query: Host: hwagm.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15 Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: US Method: GET Timestamp: 2025-12-26T06:00:20Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇹 VHosting	2025-12-23 19:30:16 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-08 22:19:51 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 06:37:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:37:21.048425 2025] [security2:error] [pid 16825:tid 16891] [client 65.111.8.140:48409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.newports.net"] [uri "/.git/HEAD"] [unique_id "aSagIYpGi0qyZ6NgFD3JcwAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:15:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:15:08.535042 2025] [security2:error] [pid 31733:tid 31733] [client 65.111.8.140:37183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.decisionsciencetutorials.com"] [uri "/.svn/wc.db"] [unique_id "aSaa7J96FbAQaFO_iQZ75QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:31:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:31:07.402490 2025] [security2:error] [pid 26990:tid 26990] [client 65.111.8.140:46689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.drjaymissdiana.com"] [uri "/.env"] [unique_id "aSaQmyx50OY3XOs9vs4OsgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 164.90.185.157

🇺🇸 65.49.1.139

🇳🇱 45.148.10.183

🇦🇷 190.220.172.154

🇫🇷 161.97.84.188

🇺🇸 159.89.48.89

🇺🇸 152.32.205.184

🇨🇳 111.47.32.240

🇷🇴 92.118.39.236

🇸🇪 82.209.191.11

🇺🇸 66.132.186.177

🇺🇸 2604:a880:400:d1:0:4:8bf2:1001

🇬🇧 178.128.36.92

🇨🇦 178.93.201.29

🇺🇸 173.252.69.115

🇺🇸 162.216.150.47

🇺🇸 162.216.18.113

🇺🇸 143.198.180.183

🇺🇸 143.198.133.74

🇧🇷 138.255.157.62