JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.0.180

65.111.0.180 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.0.180

Whois 65.111.0.180

IP Abuse Reports for 65.111.0.180:

This IP address has been reported a total of 24 times from 14 distinct sources. 65.111.0.180 was first reported on June 28th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-01 12:09:28 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2026-02-23 14:46:16 (3 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:48:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:48:12.040524 2026] [security2:error] [pid 717735:tid 717749] [client 65.111.0.180:38389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gafm.org"] [uri "/admin/.git/config"] [unique_id "aYo5_Fe2saaLoPBOZVo69AAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 18:47:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 13:47:34.120257 2026] [security2:error] [pid 903363:tid 903363] [client 65.111.0.180:44553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxbgsanta.com"] [uri "/admin/.env"] [unique_id "aYorxqGEearakIwBHlQpugAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:18:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:18:40.660842 2026] [security2:error] [pid 1240:tid 1240] [client 65.111.0.180:17183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fullyevil.com"] [uri "/new/.git/config"] [unique_id "aYoW8NPW2gfByJ4z8PpuRgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:47:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:46:59.455469 2026] [security2:error] [pid 18343:tid 18343] [client 65.111.0.180:20839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingangelinvestors.com"] [uri "/.env.production"] [unique_id "aYnXQ6TESOsSUD0UUUHApwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:25:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.0.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:25:04.883022 2026] [security2:error] [pid 8866:tid 8866] [client 65.111.0.180:19247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gadgeteer.net"] [uri "/api/.git/config"] [unique_id "aYm2AG1MIKpGS_5X-D0mQgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-08 20:59:25 (4 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 nowyouknow	2026-01-01 15:52:54 (5 months ago)	(From [email protected]) Hello there, Instead of paying high local rates, you can outsou ... show more (From [email protected]) Hello there, Instead of paying high local rates, you can outsource digital marketing tasks to a dedicated assistant for $250/month—full-time support across SEO, Google & Meta Ads, Email Marketing, Social Media, and more. The first month is free. Submit the form below to start. Direct Google link: https://docs.google.com/forms/d/e/1FAIpQLSdfVsEbHZ8ONCILtiWxC8Nz4dMDX4XytsWbDm9ZehvJq0dshA/viewform GLE Link to Google Forms: https://forms.gle/hUcK6pGk3DeYNonL7 Short link: https://shorturl.at/sIc0l show less	Phishing Web Spam
🇮🇹 VHosting	2025-12-24 01:40:16 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 nowyouknow	2025-12-20 21:06:33 (5 months ago)	(From [email protected]) Hi there, A single qualified lead can often justify $250. F ... show more (From [email protected]) Hi there, A single qualified lead can often justify $250. For that same cost, you can have a dedicated Digital Marketing Assistant working full-time on SEO, ads, email marketing, social channels, and routine operations. Your first month is free to evaluate results. Complete the form below to claim your virtual assistant free for one month Direct Google link: https://docs.google.com/forms/d/e/1FAIpQLSc0j7_PYJOBpCDJqJEYWDUYRLFuf0fN596h51an A8k8Me0efA/viewform?usp=header GLE Link to Google Forms: https://forms.gle/4uj4nBHTiJVQooFA8 Short link: https://shorturl.at/o4IYf show less	Phishing Web Spam
🇪🇸 10dencehispahard SL	2025-11-19 08:36:36 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-13 23:54:58 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇧🇷 hostseries	2025-10-16 12:28:04 (8 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇨🇦 wil.com	2025-10-14 00:49:26 (8 months ago)	GlobalProtect login attempts with user ddstevens.	VPN IP Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 194.62.107.226

🇰🇷 175.119.225.68

🇮🇩 103.154.178.58

🇷🇺 98.98.137.74

🇷🇴 80.94.92.166

🇳🇱 45.142.193.70

🇺🇸 2607:f8b0:4001:c00::12b

🇺🇸 2001:470:1:c84::2d3

🇺🇸 185.98.169.85

🇧🇷 170.84.147.218

🇭🇰 103.106.188.32

🇮🇹 87.21.38.96

🇮🇷 85.198.19.244

🇺🇸 54.225.31.1

🇲🇾 49.124.153.29

🇳🇱 45.148.10.147

🇨🇳 222.222.73.70

🇳🇱 195.178.110.108

🇫🇷 193.32.126.233

🇵🇭 180.191.23.175