JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.110.40.245

65.110.40.245 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 100%: ?

100%

ISP	OCTOPUS WEB SOLUTION INC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	ows.us
Country	🇺🇸 United States of America
City	North Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.110.40.245

Whois 65.110.40.245

IP Abuse Reports for 65.110.40.245:

This IP address has been reported a total of 49 times from 35 distinct sources. 65.110.40.245 was first reported on June 24th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-25 22:00:53 (1 hour ago)	Auto-ban: >3000 req/min op 2026-06-25	Web App Attack SSH Hacking
🇫🇷 GoodOldTOS	2026-06-25 12:32:05 (11 hours ago)	Highly suspect IP	Hacking Web App Attack
🇬🇧 Celtic	2026-06-25 11:16:44 (12 hours ago)	Blocked by Fail2Ban with Jail (plesk-apache)	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-25 10:05:26 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 06:05:19.999727 2026] [security2:error] [pid 30004:tid 30004] [client 65.110.40.245:47212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aquadom.aguasolar.com"] [uri "/.env.local.save"] [unique_id "ajz9XwWbC4s8GNJxbhQc4AAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 07:20:36 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:20:32.304575 2026] [security2:error] [pid 24152:tid 24152] [client 65.110.40.245:26104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tinseltownartificials.com"] [uri "/.env.production.copy"] [unique_id "ajzWwJvKtRpnPlFL_J04IgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-25 06:13:38 (17 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 05:01:46 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:01:39.408351 2026] [security2:error] [pid 30550:tid 30550] [client 65.110.40.245:35680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "burningdownthevillger.com.tremulant.com"] [uri "/.env.swp"] [unique_id "ajy2M4TW0uXKmGNmV6EqRgAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 NoaQT	2026-06-25 04:04:25 (19 hours ago)	2026-06-25T04:04:24.152773+00:00 ingress-1 haproxy[290]: 65.110.40.245:36732 [25/Jun/2026:04:04:24.1 ... show more 2026-06-25T04:04:24.152773+00:00 ingress-1 haproxy[290]: 65.110.40.245:36732 [25/Jun/2026:04:04:24.152] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 194/193/0/0/0 0/0 "GET /gcp-credentials.json HTTP/1.1" 2026-06-25T04:04:24.152798+00:00 ingress-1 haproxy[290]: 65.110.40.245:36678 [25/Jun/2026:04:04:24.152] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 194/193/0/0/0 0/0 "GET /service-account.json HTTP/1.1" 2026-06-25T04:04:24.152835+00:00 ingress-1 haproxy[290]: 65.110.40.245:36740 [25/Jun/2026:04:04:24.152] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 194/193/0/0/0 0/0 "GET /gcp-service-account.json HTTP/1.1" 2026-06-25T04:04:24.152959+00:00 ingress-1 haproxy[290]: 65.110.40.245:36752 [25/Jun/2026:04:04:24.152] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 194/193/0/0/0 0/0 "GET /firebase.json HTTP/1.1" 2026-06-25T04:04:24.152993+00:00 ingress-1 haproxy[290]: 65.110.40.245:36756 [25/Jun/2026:04:04:24.152] https_in~ https_in/<NOSRV> 0/-1/-1/ ... show less	DDoS Attack
🇲🇾 Rizzy	2026-06-25 02:32:38 (21 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 02:18:16 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.110.40.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:18:13.202060 2026] [security2:error] [pid 20766:tid 20766] [client 65.110.40.245:10048] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nancybcatering.com"] [uri "/.env.local.backup"] [unique_id "ajyP5W6_zSoGkHNm3JRNqQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 WebNiraj	2026-06-25 02:16:26 (21 hours ago)	(mod_security) mod_security (id:949110) triggered by 65.110.40.245 (CA/Canada/-): 5 in the last 3600 ... show more (mod_security) mod_security (id:949110) triggered by 65.110.40.245 (CA/Canada/-): 5 in the last 3600 secs [SIGMA] show less	Brute-Force
Anonymous	2026-06-25 02:15:46 (21 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 65.110.40.245 (US/United States/-)	SQL Injection
🇱🇻 garmtech.com	2026-06-25 01:50:26 (22 hours ago)	Attempted access to sensitive endpoint (/.env.backup) detected. Automated scan or unauthorized probi ... show more Attempted access to sensitive endpoint (/.env.backup) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇩🇪 raph	2026-06-25 00:58:22 (23 hours ago)	[URL BRUTE-FROCE] >50 404 in <1 min	Brute-Force Bad Web Bot Web App Attack
🇺🇸 its101	2026-06-25 00:50:06 (23 hours ago)	Automated detection by LockdownAccess security system. Attack type(s): framework_probe, config_probe ... show more Automated detection by LockdownAccess security system. Attack type(s): framework_probe, config_probe, env_grab. Reason: Nginx: env_grab attack. Path targeted: unknown. Blocked in Cloudflare. show less	Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 181.140.16.227

🇮🇳 103.187.78.189

🇷🇺 87.103.242.123

🇫🇮 80.223.163.253

🇺🇸 48.211.210.115

🇺🇸 44.209.40.191

🇺🇸 44.163.13.161

🇬🇧 35.203.211.247

🇵🇾 181.123.62.210

🇺🇸 147.185.132.156

🇰🇷 125.130.102.172

🇧🇷 45.229.91.34

🇺🇸 44.63.136.233

🇳🇱 176.65.139.181

🇺🇸 44.95.96.141

🇮🇩 182.253.156.173

🇧🇷 143.255.4.136

🇳🇱 91.92.40.6

🇺🇸 44.69.121.173

🇺🇸 34.174.49.100