JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.5.63

65.111.5.63 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.5.63

Whois 65.111.5.63

IP Abuse Reports for 65.111.5.63:

This IP address has been reported a total of 60 times from 22 distinct sources. 65.111.5.63 was first reported on July 9th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ambor	2026-03-28 19:20:08 (2 months ago)	Honeypot triggered on tcpdata.com - Attempted to access /.env.production (config_file_probe). User-A ... show more Honeypot triggered on tcpdata.com - Attempted to access /.env.production (config_file_probe). User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36 show less	Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:51 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:45:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:45:42.841694 2026] [security2:error] [pid 17746:tid 17771] [client 65.111.5.63:9923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toastandfigs.com"] [uri "/new/.git/config"] [unique_id "aZG_9nFGPLXLwlPPyppTygAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:28:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:28:23.895979 2026] [security2:error] [pid 20076:tid 20076] [client 65.111.5.63:19179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title23.com"] [uri "/new/.git/config"] [unique_id "aZG755u3wtK6qMuCaR4djAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:06:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:06:28.854248 2026] [security2:error] [pid 23287:tid 23327] [client 65.111.5.63:33829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sylvestconsulting.com"] [uri "/.git/config"] [unique_id "aZFiZI6jtjP5LgwlR2nYhAAAAcY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:51:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:51:00.714283 2026] [security2:error] [pid 351332:tid 351332] [client 65.111.5.63:32775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swetzer.net"] [uri "/api/.env"] [unique_id "aZFexAn7KOqN01xV7jiz9AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:26:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:26:01.159465 2026] [security2:error] [pid 23668:tid 23668] [client 65.111.5.63:37063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "supportourlibrary.org"] [uri "/admin/.git/config"] [unique_id "aZFY6bQ9IziUDKPsAxjpTgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:53:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:53:10.841375 2026] [security2:error] [pid 8181:tid 8181] [client 65.111.5.63:15493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suffolksystems.com"] [uri "/backend/.env"] [unique_id "aZFRNgQ7FvWLOUAI73-UJwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 04:15:02 (3 months ago)	Bot / scanning and/or hacking attempts: GET /app/.env HTTP/1.1, GET /test/.git/config HTTP/1.1, GET ... show more Bot / scanning and/or hacking attempts: GET /app/.env HTTP/1.1, GET /test/.git/config HTTP/1.1, GET /v2/.git/config HTTP/1.1, GET /config/.env HTTP/1.1, GET /api/.git/config HTTP/1.1, GET /.env.staging HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env HTTP/1.1, GET /frontend/.env HTTP/1.1, GET /backup/.git/config HTTP/1.1, GET /dev/.git/config HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:37 (3 months ago)	Scanning/Probing (14)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:45:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:45:26.135556 2026] [security2:error] [pid 729628:tid 729628] [client 65.111.5.63:45585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sprektech.com"] [uri "/.env"] [unique_id "aZEzRjE6_TcPsLESBkdgsAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2026-02-15 02:32:22 (3 months ago)	Web attack from 65.111.5.63	Web App Attack
🇺🇸 myagent.site	2026-02-15 01:47:19 (3 months ago)	Blocking for trying to access an exploit file: /dev/.git/config	Hacking
Anonymous	2026-02-15 01:20:54 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 65.111.5.63 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 00:30:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.5.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:30:31.805275 2026] [security2:error] [pid 28378:tid 28378] [client 65.111.5.63:12997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lozzy.net"] [uri "/.env"] [unique_id "aZETp64FLZctlYAsrcOWIwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.62

🇷🇴 92.118.39.236

🇷🇴 2.57.121.112

🇬🇧 217.146.80.120

🇳🇱 185.66.143.222

🇸🇬 167.71.197.124

🇳🇱 153.80.240.216

🇭🇰 103.146.159.173

🇳🇱 45.148.10.157

🇩🇪 43.165.4.2

🇬🇧 35.203.211.169

🇮🇪 2a05:d018:10df:d401:72de:825a:d2a2:f2ae

🇺🇸 2607:ff68:7:6f:258:7bff:fe73:c43f

🇷🇺 109.63.170.171

🇺🇸 104.168.133.168

🇳🇱 45.148.10.151

🇩🇪 43.228.157.147

🇺🇸 2607:f8b0:4001:c14::123

🇺🇸 206.189.235.67

🇳🇱 204.76.203.206