JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.4.94

65.111.4.94 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.4.94

Whois 65.111.4.94

IP Abuse Reports for 65.111.4.94:

This IP address has been reported a total of 29 times from 13 distinct sources. 65.111.4.94 was first reported on June 28th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-05 17:06:17 (9 hours ago)	Scanning/Probing (34)	Brute-Force Web App Attack
Anonymous	2026-04-11 17:01:10 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-13 23:47:12 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-12 08:45:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 03:44:56.347275 2026] [security2:error] [pid 32350:tid 32350] [client 65.111.4.94:24085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aschmidtconsulting.com"] [uri "/wp/.git/config"] [unique_id "aY2TCFBQX_slOAagOAgqcwAAADY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 21:00:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:59:58.242601 2026] [security2:error] [pid 5326:tid 5378] [client 65.111.4.94:12335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardentsi.com"] [uri "/api/.git/config"] [unique_id "aYztzv2kGrnOESJX597AGgAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:14:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:13:58.706999 2026] [security2:error] [pid 3151:tid 3151] [client 65.111.4.94:42409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ichi51e.net"] [uri "/dev/.git/config"] [unique_id "aYqwhu3to0gNdmaqBfapjwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:21:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:21:19.891156 2026] [security2:error] [pid 16565:tid 16583] [client 65.111.4.94:22279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keetons.net"] [uri "/new/.git/config"] [unique_id "aYpr75LZUbR28tGicLQ1hAAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:01:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:01:54.318783 2026] [security2:error] [pid 29135:tid 29135] [client 65.111.4.94:34107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/.env.production"] [unique_id "aYpnYlc1Ci4CM-gxNF81HAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:05:30 (3 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
🇺🇸 TPI-Abuse	2026-02-09 21:08:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.4.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:08:39.731682 2026] [security2:error] [pid 19918:tid 19918] [client 65.111.4.94:17359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenbernsteinlaw.net"] [uri "/test/.git/config"] [unique_id "aYpM10InR3jISJ1wWOEx4wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:42 (3 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:51 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-14 17:41:14 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 19:28:58 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:10:49	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 80.91.79.223

🇮🇳 180.149.246.86

🇲🇾 47.250.43.129

🇩🇪 45.13.186.32

🇬🇧 31.14.254.6

🇻🇳 27.79.46.13

🇬🇧 2a06:4880:2000::34

🇬🇧 193.32.209.228

🇨🇳 180.76.176.249

🇳🇱 178.62.213.252

🇳🇱 176.65.139.229

🇩🇪 176.65.132.76

🇧🇴 161.138.94.143

🇱🇹 81.30.98.142

🇱🇹 81.30.98.62

🇬🇧 35.203.211.3

🇳🇱 20.71.254.235

🇨🇦 209.235.136.136

🇪🇹 196.189.236.216

🇦🇷 190.111.226.20