JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.2.169

65.111.2.169 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.2.169

Whois 65.111.2.169

IP Abuse Reports for 65.111.2.169:

This IP address has been reported a total of 25 times from 14 distinct sources. 65.111.2.169 was first reported on July 9th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-25 03:17:53 (3 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.2.169 (US/United States/Virginia/Ashburn ... show more (mod_security) mod_security (id:900001) triggered by 65.111.2.169 (US/United States/Virginia/Ashburn/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 06:17:50.597135 2026] [security2:error] [pid 358185:tid 358278] [client 65.111.2.169:46755] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: villa-izabela.com"] [severity "CRITICAL"] [tag "security"] [hostname "villa-izabela.com"] [uri "/wp-login.php"] [unique_id "ajyd3jpPCootS5mrGd6cnQAAAYQ"], referer: https://villa-izabela.com/wp-login.php show less	Port Scan
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 i-turnradio.nl	2026-01-07 14:55:57 (5 months ago)	2026-01-07 @ 15:55:57 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:40 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-30 20:24:46 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 02:24:54 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:24:46.495806 2025] [security2:error] [pid 11049:tid 11049] [client 65.111.2.169:58411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hrmroofing.wholesalelivelobsters.com"] [uri "/.env"] [unique_id "aSZk7hlfvmP53W_tHN1tlwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:03:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:03:05.047953 2025] [security2:error] [pid 4344:tid 4344] [client 65.111.2.169:27621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.lexingtonlimobus.com"] [uri "/.git/HEAD"] [unique_id "aSZRyfq7s1QgRpT_J1unowAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:23:08 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:23:03.831383 2025] [security2:error] [pid 911805:tid 911805] [client 65.111.2.169:24413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.albioncapitalfund.com"] [uri "/.git/HEAD"] [unique_id "aSVLR8nvNy0pzqc0sRiTggAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:56:23 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:56:18.959875 2025] [security2:error] [pid 9726:tid 9726] [client 65.111.2.169:26449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.michaelholdaway.com"] [uri "/.env"] [unique_id "aSU28hcZCJHtsu67dl5a9QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:01:58 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:01:46.034424 2025] [security2:error] [pid 15589:tid 15626] [client 65.111.2.169:47323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.newleafpro.com"] [uri "/.git/HEAD"] [unique_id "aSUcGiIjVFKa_KFJ49hxvQAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:41:51 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:41:37.039272 2025] [security2:error] [pid 7825:tid 7825] [client 65.111.2.169:34935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gdg1.com"] [uri "/.svn/wc.db"] [unique_id "aSUXYZ-YoaJDuly6nUOkDQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:23:23 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:23:16.428168 2025] [security2:error] [pid 8542:tid 8542] [client 65.111.2.169:48187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fluff.infolinkqr.com"] [uri "/.svn/wc.db"] [unique_id "aSUTFAZUK35y7ETF-aIsBAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:23:56 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:23:52.193712 2025] [security2:error] [pid 25564:tid 25564] [client 65.111.2.169:58261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.seese.us"] [uri "/.git/HEAD"] [unique_id "aSUFKJKOljJE1ZbMPolvMwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:47:58 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:47:30.019592 2025] [security2:error] [pid 21276:tid 21276] [client 65.111.2.169:34809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.davidharrisgriffith.com"] [uri "/.git/HEAD"] [unique_id "aSQbosOgHZe0_4WpNElZFgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 03:06:57 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 45.79.109.130

🇺🇸 167.172.142.198

🇮🇹 151.115.165.172

🇺🇸 147.182.183.153

🇮🇩 103.155.47.50

🇺🇸 45.130.83.77

🇰🇷 43.155.134.4

🇺🇸 216.26.224.5

🇩🇪 209.50.184.13

🇺🇸 209.50.172.207

🇺🇸 209.50.171.90

🇸🇪 185.217.1.242

🇺🇸 152.32.182.41

🇩🇪 65.111.30.245

🇳🇱 45.148.10.152

🇩🇪 45.135.141.21

🇺🇸 45.3.39.131

🇮🇳 223.29.201.213

🇭🇰 168.76.131.178

🇮🇳 103.214.132.11