JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.2.248

65.111.2.248 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.2.248

Whois 65.111.2.248

IP Abuse Reports for 65.111.2.248:

This IP address has been reported a total of 49 times from 18 distinct sources. 65.111.2.248 was first reported on May 30th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 Yunasai	2026-06-13 08:11:00 (6 days ago)	connected to my MEGA account spying on my uploaded videos and pictures	Hacking
🇬🇧 openstrike.co.uk	2026-02-19 06:13:22 (4 months ago)	23 attacks on VC URLs, password grabbing URLs, env grabbing URLs: GET /new/.git/config HTTP/1.1 GET ... show more 23 attacks on VC URLs, password grabbing URLs, env grabbing URLs: GET /new/.git/config HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /config/.env HTTP/1.1 show less	Hacking
🇺🇸 TPI-Abuse	2026-02-19 03:55:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:55:44.932490 2026] [security2:error] [pid 23461:tid 23461] [client 65.111.2.248:21673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnairdwoodworking.com"] [uri "/.env"] [unique_id "aZaJwN_iDqeiewWDTeSzLAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:40:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:40:40.329766 2026] [security2:error] [pid 27467:tid 27467] [client 65.111.2.248:55981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killeenbarrelsandtotes.com"] [uri "/v2/.git/config"] [unique_id "aZaGOMnyrUGBFPKxWAcLvgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:55:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:55:25.629608 2026] [security2:error] [pid 17464:tid 17464] [client 65.111.2.248:56053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelting.net"] [uri "/api/.env"] [unique_id "aZZ7nYRLLklwjepghHFZAAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:57:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:57:45.309215 2026] [security2:error] [pid 1288110:tid 1288116] [client 65.111.2.248:51773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toughcatcompany.com"] [uri "/.git/config"] [unique_id "aZYZue9F_c7x5Ag_cn9YtgAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-02-18 13:35:53 (4 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:21:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:21:08.747595 2026] [security2:error] [pid 25816:tid 25816] [client 65.111.2.248:37787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weavergroup.us"] [uri "/dev/.git/config"] [unique_id "aZWutC6kk6sWfzDxfbGItgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:39:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:39:38.427331 2025] [security2:error] [pid 14544:tid 14544] [client 65.111.2.248:44327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "representacionesthompson.com"] [uri "/.env"] [unique_id "aS9qqjzPVX80-OW3V9O4_wAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:11:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:11:39.852897 2025] [security2:error] [pid 3361:tid 3361] [client 65.111.2.248:55293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dougrhodes.com"] [uri "/.env"] [unique_id "aS8569T_8WakcjZSOUPkNAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:42:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:42:02.290590 2025] [security2:error] [pid 3659:tid 3659] [client 65.111.2.248:21493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10bestrestaurants.com"] [uri "/.git/HEAD"] [unique_id "aS8IykOXLiKZ2v1WwdtsTQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:45:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:45:17.233898 2025] [security2:error] [pid 27343:tid 27343] [client 65.111.2.248:32057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ginaotto.com"] [uri "/.git/HEAD"] [unique_id "aS6ZDUZuupV9F2I4uxCWVAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:05:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:05:22.508964 2025] [security2:error] [pid 7193:tid 7193] [client 65.111.2.248:46673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "guitarwisdom.com"] [uri "/.svn/wc.db"] [unique_id "aS6BonED6eW__xSmO2dfWgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:24:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:24:21.574021 2025] [security2:error] [pid 26399:tid 26409] [client 65.111.2.248:32469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dasperformance.com"] [uri "/.env"] [unique_id "aS54BUhlTJHE6APNwDEnkAAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:09:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.2.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:09:20.810091 2025] [security2:error] [pid 16561:tid 16561] [client 65.111.2.248:59365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mplsmedia.com"] [uri "/.svn/wc.db"] [unique_id "aS5mcHI2DoynWt6249ZvnAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.197

🇨🇷 190.112.222.28

🇺🇸 156.146.39.94

🇨🇳 47.93.233.71

🇳🇱 45.148.10.141

🇺🇸 44.215.219.236

🇳🇬 41.242.115.83

🇬🇧 35.203.211.220

🇨🇳 27.43.207.170

🇺🇸 195.184.76.59

🇸🇪 155.212.111.158

🇨🇳 111.228.0.205

🇱🇹 81.30.98.49

🇬🇧 35.203.210.196

🇧🇷 131.161.249.165

🇨🇳 120.48.123.76

🇮🇷 85.198.19.251

🇺🇸 66.132.172.112

🇺🇸 64.62.197.32

🇺🇸 45.156.129.81