JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.10.148

65.111.10.148 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.10.148

Whois 65.111.10.148

IP Abuse Reports for 65.111.10.148:

This IP address has been reported a total of 53 times from 25 distinct sources. 65.111.10.148 was first reported on June 27th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 22:53:49 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-07 06:20:45 (1 month ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-03-15 04:03:12 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 mind5t0rm	2026-02-27 00:02:13 (3 months ago)	(XMLRPC) WP XMLPRC Attack 65.111.10.148 (US/United States/-): 3 in the last 3600 secs; Ports: ; Dir ... show more (XMLRPC) WP XMLPRC Attack 65.111.10.148 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 65.111.10.148 - - [27/Feb/2026:07:02:08 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/8.6.0" 65.111.10.148 - - [27/Feb/2026:07:02:09 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/7.88.1" 65.111.10.148 - - [27/Feb/2026:07:02:09 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/7.88.1" show less	Port Scan
Anonymous	2026-02-18 08:41:24 (3 months ago)	Forum/form spam	Web Spam
🇹🇷 rtbh.com.tr	2026-02-13 20:11:35 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇬🇧 relianoid.com	2026-02-13 17:06:58 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 08:09:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:09:50.264038 2026] [security2:error] [pid 7822:tid 7822] [client 65.111.10.148:54137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "labcomputers.com"] [uri "/site/.git/config"] [unique_id "aY7cTnkSTHLfKl_IfU3StgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:36:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:36:11.640896 2026] [security2:error] [pid 20782:tid 20782] [client 65.111.10.148:26401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kv-10.com"] [uri "/.env.staging"] [unique_id "aY7Ua2d65yu0QBON-hZ-rQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:02:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:02:50.554448 2026] [security2:error] [pid 30046:tid 30046] [client 65.111.10.148:51559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kooroshvaziri.com"] [uri "/admin/.git/config"] [unique_id "aY6-ilrSMUH-krEkijffngAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:48:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:48:30.920909 2026] [security2:error] [pid 20592:tid 20592] [client 65.111.10.148:59867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kim-porter.com"] [uri "/app/.env"] [unique_id "aY6fDvcjcSVZpZmf_zzrEwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:14:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:13:57.222559 2026] [security2:error] [pid 9200:tid 9200] [client 65.111.10.148:40803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keeftone.com"] [uri "/new/.git/config"] [unique_id "aY6I5Z21nZGPG9J-BK5ddAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-02-13 01:50:10 (3 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ksol-hostmaster	2026-02-13 01:21:11 (3 months ago)	2026/02/13 02:21:11 [error] 79785#100654: 2642089 access forbidden by rule, client: 65.111.10.148, ... show more 2026/02/13 02:21:11 [error] 79785#100654: 2642089 access forbidden by rule, client: 65.111.10.148, server: karolyimusic.com, request: "GET /.env.production HTTP/1.1", host: "karolyimusic.com" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 00:48:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 19:48:45.059409 2026] [security2:error] [pid 26884:tid 26884] [client 65.111.10.148:16841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kamrynbever.com"] [uri "/.env"] [unique_id "aY507XLdrRw7FlxGOKztnwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 107.150.103.155

🇮🇹 2a00:1450:4025:1805::12c

🇺🇸 172.174.165.3

🇨🇳 171.36.6.241

🇫🇷 128.78.190.104

🇻🇳 113.164.66.10

🇳🇱 103.161.34.59

🇨🇳 101.126.81.213

🇲🇾 47.250.80.121

🇺🇸 20.127.195.254

🇩🇪 217.154.173.63

🇨🇴 201.233.145.101

🇲🇽 201.149.53.243

🇬🇧 193.163.125.143

🇨🇱 181.42.137.130

🇺🇸 165.154.172.249

🇸🇬 103.189.235.114

🇺🇸 91.230.168.83

🇨🇳 14.103.117.173

🇰🇭 202.79.29.108