JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.5.2

65.111.5.2 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.5.2

Whois 65.111.5.2

IP Abuse Reports for 65.111.5.2:

This IP address has been reported a total of 42 times from 18 distinct sources. 65.111.5.2 was first reported on July 7th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-06 19:07:45 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 Savvii	2026-03-23 04:08:11 (2 months ago)	20 attempts against mh_ha-misbehave-ban on sonic	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:24:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:23:59.327040 2026] [security2:error] [pid 32630:tid 304] [client 65.111.5.2:11131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "layoverlocations.com"] [uri "/v2/.git/config"] [unique_id "aY8l7z1fK48W5T6p33ORCwAAAko"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:45:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:45:39.732742 2026] [security2:error] [pid 12998:tid 12998] [client 65.111.5.2:27551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medgi.co"] [uri "/backend/.env"] [unique_id "aY7IkyxN7neVC4R9Sftk_wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:09:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:09:42.519383 2026] [security2:error] [pid 1343541:tid 1343541] [client 65.111.5.2:52427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mathieu.bouville.name"] [uri "/.git/config"] [unique_id "aY6yFosRnBs8_fB84gfyfQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:42:07 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.5.2 (US/United States/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.5.2 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:38:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:38:05.635630 2026] [security2:error] [pid 2402611:tid 2402611] [client 65.111.5.2:44563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masalamadrid.com"] [uri "/api/.env"] [unique_id "aY6qrV1C8yT0c4xncfRwpwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:47:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:47:35.325552 2026] [security2:error] [pid 26573:tid 26573] [client 65.111.5.2:18291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mark.rawlings.name"] [uri "/config/.env"] [unique_id "aY6e11IwuXujNnbooRPiRgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:48:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:48:27.903846 2026] [security2:error] [pid 5526:tid 5526] [client 65.111.5.2:31907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manichri.com"] [uri "/api/.git/config"] [unique_id "aY6Q--S7zCIXFvMv-QQxFQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:18:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:18:14.679691 2026] [security2:error] [pid 17773:tid 17773] [client 65.111.5.2:45695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magicalgirlcrafts.com"] [uri "/config/.env"] [unique_id "aY571jipmWZ_SYCNAQb3TgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:53:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:53:07.378423 2026] [security2:error] [pid 10621:tid 10668] [client 65.111.5.2:14463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humaehealth.com"] [uri "/.git/config"] [unique_id "aY4vo2Z4KG2OdMP9ZDzLmgAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:53:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:53:22.919263 2026] [security2:error] [pid 2250:tid 2250] [client 65.111.5.2:41525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dmasoftlab.com"] [uri "/.env"] [unique_id "aY4Tkj6uvA9k278oevFNsQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:25:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:25:02.014696 2026] [security2:error] [pid 26791:tid 26791] [client 65.111.5.2:36279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dealconsultingllc.com"] [uri "/.env"] [unique_id "aY4M7lOEJoRaAitHerV7HgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:23:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:23:51.530920 2026] [security2:error] [pid 5815:tid 5815] [client 65.111.5.2:48959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drgracetomastolentino.com"] [uri "/.git/config"] [unique_id "aY3-l4n7oXHLbw8ekfOwGAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.150.254.32

🇷🇺 185.16.214.226

🇵🇭 119.92.70.82

🇫🇷 62.171.142.254

🇧🇪 34.156.240.52

🇺🇸 198.98.56.227

🇳🇬 197.211.59.225

🇬🇧 195.206.182.199

🇷🇴 193.32.162.211

🇮🇩 180.241.36.253

🇰🇷 175.198.62.180

🇫🇷 141.94.27.49

🇵🇭 124.217.115.151

🇻🇳 103.200.24.17

🇱🇹 81.30.98.49

🇫🇷 51.68.111.243

🇭🇰 47.238.112.123

🇻🇳 203.171.29.193

🇱🇹 188.69.225.188

🇺🇸 184.105.139.89