JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.8.173

65.111.8.173 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.8.173

Whois 65.111.8.173

IP Abuse Reports for 65.111.8.173:

This IP address has been reported a total of 27 times from 17 distinct sources. 65.111.8.173 was first reported on July 13th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-22 23:21:00 (2 weeks ago)		Web Spam
🇩🇪 FeG Deutschland	2026-05-10 16:14:08 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 windowsforum	2026-03-27 12:12:13 (2 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=PaulGellat	Web Spam Bad Web Bot
Anonymous	2026-03-17 03:05:08 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-03-03 01:50:31 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 oncord	2026-01-14 05:37:36 (4 months ago)	Form spam	Web Spam
🇨🇭 backslash	2026-01-10 01:55:04 (4 months ago)		Web Spam
🇺🇸 TPI-Abuse	2025-12-28 03:04:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 22:04:01.015222 2025] [security2:error] [pid 12856:tid 12856] [client 65.111.8.173:25031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "804websolutions.com"] [uri "/.svn/wc.db"] [unique_id "aVCeIW7esbcq5S_zFYY54QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:18:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:18:09.096772 2025] [security2:error] [pid 3783:tid 3783] [client 65.111.8.173:47057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dbt4me.com"] [uri "/.env"] [unique_id "aVBpMZ6C9F7u4QS9_znvlgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:46:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:46:44.661345 2025] [security2:error] [pid 26645:tid 26645] [client 65.111.8.173:19147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "endemic.com"] [uri "/.env"] [unique_id "aVBh1LN4PpJDEOu6wu4niwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:23:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:23:16.297322 2025] [security2:error] [pid 4095:tid 4095] [client 65.111.8.173:11741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "directoryofbikes.com"] [uri "/.svn/wc.db"] [unique_id "aVBORKsioY2_MKTGHJ9uyQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:31:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:31:52.504748 2025] [security2:error] [pid 27432:tid 27432] [client 65.111.8.173:38245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flowergirlbaskets.com"] [uri "/.svn/wc.db"] [unique_id "aVBCOKKq4-wxKOS_dn5UdwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:25:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:25:13.359774 2025] [security2:error] [pid 24303:tid 24303] [client 65.111.8.173:19817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "b9k9.com"] [uri "/.env"] [unique_id "aVAymWntK0BZc5Rna4tXpQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 14:34:32 (5 months ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-26 03:56:53 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 22:56:44.439611 2025] [security2:error] [pid 7932:tid 7932] [client 65.111.8.173:27303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aliciagrant.com"] [uri "/.git/HEAD"] [unique_id "aU4HfPAQ-SGfF4TulzLqzgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.160

🇳🇱 192.42.116.64

🇩🇪 185.91.127.85

🇷🇺 185.63.197.177

🇮🇶 169.224.104.153

🇫🇷 141.11.1.134

🇨🇳 123.124.24.114

🇰🇷 112.217.188.122

🇻🇳 103.172.236.15

🇨🇦 85.217.149.68

🇱🇹 85.206.68.80

🇷🇺 46.147.113.91

🇳🇱 45.148.10.151

🇬🇲 41.76.9.206

🇯🇵 34.146.217.105

🇺🇸 208.75.123.198

🇧🇿 190.197.31.203

🇺🇸 166.62.41.190

🇺🇸 146.88.241.155

🇺🇸 134.33.73.107