JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.8.38

65.111.8.38 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.8.38

Whois 65.111.8.38

IP Abuse Reports for 65.111.8.38:

This IP address has been reported a total of 31 times from 14 distinct sources. 65.111.8.38 was first reported on July 13th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-13 23:21:45 (3 weeks ago)	RDWeb scan	Web App Attack
Anonymous	2026-04-12 15:43:23 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-02-16 03:57:37 (3 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-13 18:31:00 (4 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-01-10 04:26:49 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:00 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 myagent.site	2025-12-09 05:55:22 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-08 17:32:44 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 12:32:39.852486 2025] [security2:error] [pid 28680:tid 28680] [client 65.111.8.38:39431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texasfurnitureinc.com"] [uri "/.git/HEAD"] [unique_id "aTcLt1sADUXq66AMwLIppwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 11:25:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 06:25:34.304864 2025] [security2:error] [pid 10307:tid 10307] [client 65.111.8.38:58483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "socconstruction.com"] [uri "/.env"] [unique_id "aTa1rqufvouruynhX__EMgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 20:56:29 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 15:56:23.495145 2025] [security2:error] [pid 8047:tid 8047] [client 65.111.8.38:37003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luxandunion.com"] [uri "/.svn/wc.db"] [unique_id "aTXp95XXq-4UEOzi8XjlUQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 18:59:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 13:58:55.762101 2025] [security2:error] [pid 29646:tid 29646] [client 65.111.8.38:20941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vaccines4all.net"] [uri "/.git/HEAD"] [unique_id "aTR87zPcqIqJx3YyXn1hygAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 16:24:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 11:24:05.446625 2025] [security2:error] [pid 6324:tid 6324] [client 65.111.8.38:12579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suntanner.net"] [uri "/.git/HEAD"] [unique_id "aTRYpUIjQShf2U1tfH62JAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:14:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:13:54.824507 2025] [security2:error] [pid 12106:tid 12106] [client 65.111.8.38:16581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hyps.net"] [uri "/.env"] [unique_id "aTQsEmnQPzR8R4vUiJWztwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:07:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:07:19.310937 2025] [security2:error] [pid 26048:tid 26048] [client 65.111.8.38:45811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "churchbehindthewalls.com"] [uri "/.svn/wc.db"] [unique_id "aTMRR232n-A0LKr2xRuqggAAADA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 2620:171:f:f001:9999::112

🇲🇽 187.140.5.12

🇰🇷 175.202.18.33

🇵🇱 95.214.53.157

🇺🇸 31.105.193.154

🇻🇳 27.71.230.31

🇺🇸 216.73.217.42

🇰🇪 197.248.159.62

🇺🇸 172.98.188.138

🇺🇸 158.94.187.225

🇺🇸 107.172.14.120

🇮🇳 103.216.145.2

🇺🇸 64.95.9.255

🇺🇸 31.98.216.145

🇩🇪 213.209.159.56

🇩🇪 212.30.36.116

🇲🇽 177.229.197.38

🇭🇰 146.70.79.47

🇸🇬 118.194.235.16

🇫🇷 109.199.110.135