JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.2.145

65.111.2.145 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.2.145

Whois 65.111.2.145

IP Abuse Reports for 65.111.2.145:

This IP address has been reported a total of 46 times from 15 distinct sources. 65.111.2.145 was first reported on June 27th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-13 13:41:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:41:47.261933 2026] [security2:error] [pid 30720:tid 30754] [client 65.111.2.145:38793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lead-sleds.com"] [uri "/.env.local"] [unique_id "aY8qG3LiWKzp-rMQ30LzvAAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Anytech	2026-02-13 12:48:36 (3 months ago)	CrowdSec detected: crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇩🇪 Bedios GmbH	2026-02-13 09:06:59 (3 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-02-13 07:56:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:56:47.385822 2026] [security2:error] [pid 28480:tid 28480] [client 65.111.2.145:16451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "melkanbassil.com"] [uri "/.git/config"] [unique_id "aY7ZP3ahhBeZnSqqMQW0MwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:10:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:10:13.053184 2026] [security2:error] [pid 2726661:tid 2726661] [client 65.111.2.145:63521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcefa.org"] [uri "/api/.env"] [unique_id "aY7ARd-zxWpozvvYqTTUfQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:58:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:58:18.726763 2026] [security2:error] [pid 2282752:tid 2282752] [client 65.111.2.145:44079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masterpiecemorgans.com"] [uri "/new/.git/config"] [unique_id "aY6vanbLBkL6B8jvtBfZLAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:16:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:16:08.266630 2026] [security2:error] [pid 19515:tid 19515] [client 65.111.2.145:52865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marcedinc.com"] [uri "/backup/.git/config"] [unique_id "aY6XeHODLNnmF4epHbdeOwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 02:06:43 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:52:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:52:03.637116 2026] [security2:error] [pid 1638267:tid 1638267] [client 65.111.2.145:31169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cottrillcyclodyne.com"] [uri "/.env"] [unique_id "aY4FM6UAU7GxJsgZj1A_EAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:42:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:41:15.905061 2026] [security2:error] [pid 26289:tid 26289] [client 65.111.2.145:59003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daytonabluemetallic.com"] [uri "/.git/config"] [unique_id "aY30m23sUixQbMRQcItLtQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 07:56:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 02:56:31.522959 2026] [security2:error] [pid 27198:tid 27250] [client 65.111.2.145:57867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabegabel.com"] [uri "/.env.staging"] [unique_id "aYw2L3rO574nMe2r4B6WLwAAAoM"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-01-09 01:46:15 (4 months ago)	Joomla spam 65.111.2.145 - - [09/Jan/2026:01:15:24 +0100] "GET /index.php?option=com_easyblog&view=d ... show more Joomla spam 65.111.2.145 - - [09/Jan/2026:01:15:24 +0100] "GET /index.php?option=com_easyblog&view=dashboard&layout=write HTTP/1.1" 404 789 "https://REDACTED" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 01:01:06 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 04:09:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:09:45.485641 2025] [security2:error] [pid 10031:tid 10031] [client 65.111.2.145:38761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edmontonbuilder.com.weyoungrenovations.com"] [uri "/.svn/wc.db"] [unique_id "aSUsCfiy_kQHOhI5lfUUiAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:37:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:37:24.107174 2025] [security2:error] [pid 20825:tid 20825] [client 65.111.2.145:17711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.existentialfiction.com"] [uri "/.env"] [unique_id "aSUkdNeIQ0Vr1cEDZvyrFwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.241.177.22

🇳🇱 89.190.156.9

🇺🇸 64.95.14.236

🇺🇸 64.94.156.237

🇩🇪 51.89.39.36

🇷🇴 2.57.121.112

🇮🇳 182.95.173.34

🇱🇧 178.135.16.78

🇯🇵 172.104.105.194

🇻🇳 103.186.101.237

🇬🇧 86.142.68.209

🇨🇦 69.49.112.68

🇺🇸 64.94.159.243

🇨🇳 220.181.108.91

🇺🇸 209.87.169.80

🇮🇳 110.225.255.179

🇺🇸 107.173.172.142

🇧🇬 79.124.56.182

🇳🇱 45.148.10.152

🇲🇺 197.225.146.23