JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.2.245

65.111.2.245 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.2.245

Whois 65.111.2.245

IP Abuse Reports for 65.111.2.245:

This IP address has been reported a total of 46 times from 22 distinct sources. 65.111.2.245 was first reported on June 27th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-05-04 15:16:54 (1 month ago)	(From [email protected]) Hi, Quick heads up I’ve just opened a free giveaway and res ... show more (From [email protected]) Hi, Quick heads up I’ve just opened a free giveaway and reserved your spot. Get in here before it’s full: https://suniljaindvg.systeme.io/6850adaf Takes about 10 sec. Hope you catch it, Sunil Propsting (Sunil T Jain) P.S. Don’t wait around: https://suniljaindvg.systeme.io/6850adaf If you don’t want to receive communications from me, please use the form on my website show less	Phishing Web Spam
🇨🇭 TheCoon	2026-04-21 00:30:02 (1 month ago)	Automated: Gzip bomb download attempt	Web App Attack Hacking
🇦🇺 2000cn.com.au	2026-04-18 15:50:59 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-02-15 11:24:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:24:21.869976 2026] [security2:error] [pid 21337:tid 21337] [client 65.111.2.245:22535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "owenbee.com"] [uri "/test/.git/config"] [unique_id "aZGs5bDqUO8Vo-ElqBxa4AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:06:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:06:19.334043 2026] [security2:error] [pid 2778248:tid 2778248] [client 65.111.2.245:35959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seize-the-season.com"] [uri "/.env"] [unique_id "aZGoq7CP-BqgRAbr4z8McwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:48:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:48:47.690691 2026] [security2:error] [pid 3226:tid 3226] [client 65.111.2.245:49823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sdqdesigns.com"] [uri "/.git/config"] [unique_id "aZFsT_11TcCzXKuXTWLaaQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:17:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:17:17.162934 2026] [security2:error] [pid 22763:tid 22763] [client 65.111.2.245:21111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "promoadvocate.com"] [uri "/admin/.env"] [unique_id "aZFk7Yf9AGaiC9SZfTK63QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 Adorjan Daczo	2026-02-15 05:40:55 (3 months ago)	Probe for vulnerabilities. Path attempted: /.env.local	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:27:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:27:34.752938 2026] [security2:error] [pid 22106:tid 22168] [client 65.111.2.245:12649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prismatik.com"] [uri "/.env"] [unique_id "aZFZRshSZQInS4HdHIcLNQAAAYE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-02-15 04:03:49 (3 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 65.111.2.245 - - [15/Feb/2026:04: ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 65.111.2.245 - - [15/Feb/2026:04:03:47 +0000] GET /new/.git/config HTTP/1.1 403 213 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack
🇷🇺 sms.ru	2026-02-15 03:55:27 (3 months ago)	/test/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:46:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:46:35.630258 2026] [security2:error] [pid 9508:tid 9508] [client 65.111.2.245:53285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "portfoliolighting.net"] [uri "/test/.git/config"] [unique_id "aZFBm_1EYuRCowiWY242KwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 03:38:04 (3 months ago)	Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /.env HTTP/1.1, GET /.env.stagin ... show more Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /.env HTTP/1.1, GET /.env.staging HTTP/1.1, GET /.env.production HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:24:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:24:09.348747 2026] [security2:error] [pid 2167:tid 2219] [client 65.111.2.245:22935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nobledyn.com"] [uri "/admin/.git/config"] [unique_id "aZE8WSZIRZBCB3DKHleLRQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:47 (3 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.155.131.104

🇷🇴 92.118.39.236

🇨🇳 14.103.95.175

🇷🇴 2.57.122.177

🇧🇷 205.210.31.240

🇨🇳 180.153.236.33

🇨🇴 179.33.210.213

🇺🇸 172.236.96.75

🇻🇺 138.226.239.11

🇺🇸 103.144.247.4

🇱🇦 103.43.76.171

🇷🇺 46.18.204.177

🇫🇮 34.88.77.195

🇺🇸 207.90.244.12

🇬🇧 193.163.125.98

🇩🇪 161.35.65.86

🇧🇷 205.210.31.234

🇧🇷 187.107.88.97

🇮🇩 182.8.97.159

🇭🇰 152.32.214.226