JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.18

65.111.6.18 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.18

Whois 65.111.6.18

IP Abuse Reports for 65.111.6.18:

This IP address has been reported a total of 37 times from 19 distinct sources. 65.111.6.18 was first reported on June 28th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-05-05 12:27:18 (1 month ago)	Form spam	Web Spam
🇬🇧 oncord	2026-04-30 17:01:04 (1 month ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-04-30 04:08:57 (1 month ago)	(From [email protected]) Hi, Fast update I opened a free giveaway and kept a spot for you. ... show more (From [email protected]) Hi, Fast update I opened a free giveaway and kept a spot for you. Jump in before it closes: https://suniljaindvg.systeme.io/6850adaf Takes about 10 sec. Good luck getting in, Sunil Ferrell (Sunil T Jain) P.S. Don’t leave it too late: https://suniljaindvg.systeme.io/6850adaf If you would rather not receive any more communications from me, please fill out the form on my site show less	Phishing Web Spam
🇳🇱 GabrielJST	2026-01-08 06:19:16 (5 months ago)	(wordpress) Failed wordpress login from 65.111.6.18 (US/United States/-)	Brute-Force
🇳🇱 homeshowdomain.nl	2026-01-02 23:01:10 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-02	Hacking Web App Attack SSH
🇳🇱 BlueWire Hosting	2025-12-31 05:14:22 (5 months ago)	Probing websites for vulnerabilities	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:02 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-29 22:40:09 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇪🇸 10dencehispahard SL	2025-12-03 07:39:40 (6 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-27 21:44:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:44:09.551336 2025] [security2:error] [pid 3544:tid 3544] [client 65.111.6.18:55603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fredlandia.com"] [uri "/.env"] [unique_id "aSjGKb1S8j5zMx9XCpkljQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:46:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:46:28.727447 2025] [security2:error] [pid 10841:tid 10841] [client 65.111.6.18:23089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.intelerium.com"] [uri "/.git/HEAD"] [unique_id "aSQpdMjaDSGM7C-oi47JmAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:43:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:42:48.234233 2025] [security2:error] [pid 978:tid 978] [client 65.111.6.18:49245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.genevainvestors.com"] [uri "/.env"] [unique_id "aSQaiHiCWd5XuvOAT8O8kgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:45:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:44:59.784942 2025] [security2:error] [pid 7025:tid 7025] [client 65.111.6.18:41849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nationaljar.com"] [uri "/.git/HEAD"] [unique_id "aSP-61qKSXY3YQoPH03DAgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:18:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:18:23.121743 2025] [security2:error] [pid 15670:tid 15670] [client 65.111.6.18:47441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amazinggraceministries.net"] [uri "/.svn/wc.db"] [unique_id "aSP4r2oFfo0GtkofTjlPhgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:41:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:41:17.462156 2025] [security2:error] [pid 20323:tid 20323] [client 65.111.6.18:45217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.crep-psych.org"] [uri "/.git/HEAD"] [unique_id "aSPh7TKUKvBFmM3awQrKKAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.152.52.110

🇳🇱 185.242.226.166

🇮🇩 103.165.139.145

🇺🇸 93.152.208.42

🇨🇦 85.217.149.69

🇺🇸 64.236.153.145

🇵🇭 49.145.73.60

🇺🇸 34.48.165.236

🇺🇸 2604:a880:400:d1::91e4:b001

🇺🇸 195.184.76.24

🇹🇱 180.189.174.146

🇩🇪 178.104.42.207

🇩🇪 167.94.146.43

🇭🇰 154.221.20.92

🇺🇸 154.83.197.7

🇳🇱 107.189.27.179

🇮🇳 103.12.135.35

🇺🇸 66.132.224.24

🇫🇷 62.210.142.176

🇨🇳 14.103.218.183