JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.1.245

65.111.1.245 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.1.245

Whois 65.111.1.245

IP Abuse Reports for 65.111.1.245:

This IP address has been reported a total of 26 times from 14 distinct sources. 65.111.1.245 was first reported on July 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-30 06:09:35 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇫🇷 masterguru	2026-03-28 09:39:10 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.1.245 (US/United States/-): 1 in the la ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.1.245 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 TPI-Abuse	2026-02-24 00:21:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 19:21:06.598234 2026] [security2:error] [pid 2499:tid 2499] [client 65.111.1.245:31443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "auction.beercanisland.com"] [uri "/.git/config"] [unique_id "aZzu8uJBTr0qBFnHlo4SUQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-02-18 22:16:54 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇦🇺 oncord	2026-01-30 13:22:44 (4 months ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-01-16 23:54:07 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-54.65.111.1.245.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-54.65.111.1.245.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-01-11 17:08:55 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-08.65.111.1.245.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-08.65.111.1.245.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇳🇱 MM-bot	2026-01-01 06:24:24 (5 months ago)	URL-probe: HTTP/1.1 GET request on /Telerik.Web.UI.WebResource.axd (2026-01-01 07:24:24 UTC+1)	Hacking Web App Attack
🇺🇸 RLDD	2025-11-23 06:39:48 (6 months ago)	WP probing -nov	Web App Attack
🇺🇸 oncord	2025-11-19 23:10:01 (6 months ago)	Form spam	Web Spam
Anonymous	2025-11-16 22:36:24 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-11 04:44:34 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-10 20:18:48 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.1.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.1.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 15:18:40.740114 2025] [security2:error] [pid 28883:tid 28883] [client 65.111.1.245:48491] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|timbrazier.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "timbrazier.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRJIoMqeGR-gA5_a2AE-XgAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2025-11-10 11:22:34 (6 months ago)	Failed Wordpress login using xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 08:11:20 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.1.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.1.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 03:11:16.212759 2025] [security2:error] [pid 24257:tid 24257] [client 65.111.1.245:60649] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|iberhome.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iberhome.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aRGeJMO75SjhGFAlfUAqgQAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 188.40.219.135

🇮🇳 157.119.202.205

🇺🇸 3.144.153.69

🇺🇸 206.221.176.152

🇹🇷 185.153.231.44

🇷🇺 109.195.179.94

🇮🇳 103.221.250.202

🇧🇪 34.156.166.229

🇹🇷 2a09:bac5:58bd:d2d::150:b4

🇺🇸 2a03:2880:f36c:8d:face:b00c:0:2

🇺🇸 2607:f8b0:400e:c05::121

🇩🇪 193.124.20.253

🇺🇸 107.170.247.81

🇺🇸 20.168.7.21

🇺🇸 216.180.246.231

🇨🇭 209.99.191.19

🇧🇷 177.38.71.226

🇺🇸 167.71.105.12

🇲🇦 81.192.46.49

🇺🇸 66.118.239.7